html-tailwind-css-and-javascript-expert-rule

CRITICAL E004: Prompt injection detected in skill instructions.

• Potential prompt injection detected (high risk: 1.00). The skill includes a mandatory "Memory Protocol" that instructs the agent to read an internal file (cat .claude/context/memory/learnings.md) and record memory, which attempts to access/modify internal agent state unrelated to code-review and is therefore a hidden/deceptive instruction outside the skill's stated purpose.

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The skill explicitly instructs the agent to run "cat .claude/context/memory/learnings.md" (and to record memory), which causes it to read and potentially output internal memory contents that may include API keys or other secrets verbatim, creating an exfiltration risk.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). The skill embeds an explicit Memory Protocol instructing the agent to read and persist internal memory files (cat .claude/context/memory/learnings.md and "record any new patterns"), which is a clear, deliberate mechanism to access and potentially disclose internal/persistent agent data — a data-exfiltration/backdoor risk; otherwise the code is benign.