aikido-security-remediator
Fail
Audited by Snyk on Feb 16, 2026
Risk Level: HIGH
Full Analysis
HIGH W007: Insecure credential handling detected in skill instructions.
- Insecure credential handling detected (high risk: 0.80). The prompt requires the agent to read client credentials and optional access tokens from a repository .env file, and even instructs it to parse .env as plain text. The agent must therefore handle secret values to perform OAuth/API calls, creating a high risk that the LLM will access or emit secrets even if not explicitly asked to print them.
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). The skill fetches open issue groups and per-issue details from the external Aikido public API (https://app.aikido.dev/api), and the agent is instructed to read, triage, and act on those findings. These findings are third-party, untrusted content that could contain injected instructions.