typo3-ddev

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt includes an explicit plaintext credential ("admin / Joh316!!"), which would require the agent to handle and possibly emit that secret verbatim in commands or instructions, creating an exfiltration risk.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.70). The skill includes a host command that runs a remote container at runtime (docker run --rm ... ghcr.io/typo3-documentation/render-guides:latest), which will pull and execute code from that external URL/registry during skill execution, so it is a runtime external dependency that executes remote code.