hermes-atropos-environments

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt instructs the agent to ask users for API keys/auth details and to "use those values in all CLI commands for that session," which can require embedding secret values verbatim into generated commands or code, creating an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly shows setup() calling HuggingFace's load_dataset("your/dataset") (a public, user-contributed source) and then using those items in format_prompt() and evaluate() to drive the multi-turn agent loop, so untrusted dataset contents would be read and could directly influence tool use and agent actions.