monitor

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The skill primarily uses an environment variable (secure), but it explicitly supports and shows examples of passing API keys directly via the --token flag and embedding them in command lines, which requires the agent to handle or output secret values verbatim and is therefore insecure.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The CLI fetches and displays logs, alerts, and API docs from the AO Task Monitor API (default https://ao-task-monitor.onrender.com and any --base-url or request the user provides), so it ingests potentially untrusted/third‑party user-generated content that the agent will read and interpret.