implementing-zero-trust-with-hashicorp-boundary

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt includes literal secret-looking values (AEAD keys, a DB password, and credential placeholders in configs) and example configuration blocks that embed them, meaning an agent producing or copying these configs would likely output those secret values verbatim.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The prompt includes explicit sudo install commands and instructions to create and modify system configuration files under /etc and start services (e.g., installing Boundary, writing /etc/boundary/*.hcl, initializing the database), which require elevated privileges and change the host's state.