neo4j-mcp-skill

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt contains multiple patterns that require embedding plaintext credentials verbatim—e.g., JSON editor configs with NEO4J_PASSWORD, passing --neo4j-password on the command line, and constructing base64 "username:password" headers—so an LLM tasked to produce config/commands would need to output secret values directly.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.70). The skill's installation instructions require fetching and executing remote code from external repos (e.g., "npx skills add https://github.com/neo4j-contrib/neo4j-skills" and downloading/using https://github.com/neo4j/mcp or its releases via pip/docker), so those URLs are runtime external dependencies that will execute remote code.