mf-perf

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt instructs the agent to serialize and embed the entire MFContext JSON directly into a command-line argument (node ... --context ''), which would force any secret values present in MFContext to be included verbatim in the agent's output/commands and thus is high-risk exfiltration.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill's optional Step 3 instructs installing and running remote code—npm install @typescript/native-preview (registry URL: https://registry.npmjs.org/@typescript/native-preview) followed by npx mf dts—which will fetch and execute package code at runtime, so this is a runtime external dependency that can execute code.