argocd-cli

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt includes an explicit plaintext password (admin / CpfsoneT7ogVKWOh) and shows/asks to use it verbatim in argocd login commands, forcing the LLM to handle and output the secret.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). High risk — the content includes plaintext administrative credentials and server endpoints that enable unauthorized access to ArgoCD and underlying clusters, constituting credential leakage and a potential account takeover.

HIGH W008: Secret detected in skill content (API keys, tokens, passwords).

• Secret detected (high risk: 1.00). The prompt includes a literal, high-entropy credential: the ArgoCD admin password "CpfsoneT7ogVKWOh" (paired with username "admin") listed under "Credentials" and used verbatim in the argocd login command. It is not a placeholder, truncated value, or a simple example password — it appears to be a real, usable secret and is therefore flagged.