peach-db-query
Fail
Audited by Snyk on May 3, 2026
Risk Level: HIGH
Full Analysis
HIGH W007: Insecure credential handling detected in skill instructions.
- Insecure credential handling detected (high risk: 1.00). The prompt explicitly requires parsing DATABASE_URL to extract passwords and shows/uses commands that embed secrets verbatim (e.g., PGPASSWORD='[password]', mysql -p'[password]', docker URL with user:password), which forces the agent to handle and potentially output sensitive secret values.
MEDIUM W013: Attempt to modify system services in skill instructions.
- Attempt to modify system services in skill instructions detected (high risk: 0.80). The skill explicitly instructs installing system packages (apt-get, brew), auto-running installers, and modifying shell config files (appending to ~/.zshrc) and even suggests sudo usage/Docker commands — actions that modify the host system and can require privilege escalation, so it poses a significant risk of compromising machine state.
Issues (2)
W007
HIGH: Insecure credential handling detected in skill instructions.
W013
MEDIUM: Attempt to modify system services in skill instructions.
Audit Metadata