remotion-server

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The prompt includes an explicit example that embeds a secret value directly in a CLI flag (e.g., --webhook-secret=my-secret), which is an insecure pattern that would encourage or require the agent to output secrets verbatim in commands.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 0.80). The prompt explicitly instructs running a setup script and provides sudo apt/yum install commands that modify system packages and require root privileges, which could push an agent to perform privileged state-changing actions.