clawbrain

Fail

Audited by Snyk on Feb 19, 2026

Risk Level: HIGH

Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). The prompt includes examples of storing and retrieving decrypted secrets (e.g., content="sk-1234567890abcdef") and CLI commands that can display the full key, which would require the agent to handle and potentially output secret values verbatim.

MEDIUM W013: Attempt to modify system services in skill instructions.

  • Attempt to modify system services in skill instructions detected (high risk: 1.00). The prompt explicitly instructs creating/editing systemd drop-in configs under /etc and running sudo systemctl daemon-reload/restart (and other sudo commands), which modify system service files and require elevated privileges.

Audit Metadata

Risk Level: HIGH
Analyzed: Feb 19, 2026, 01:36 PM