argocd-expert

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt explicitly shows commands that read the ArgoCD admin secret and then use a plaintext password in an argocd login, and it demonstrates passing repository passwords/tokens directly on the CLI (e.g., --password mytoken), which requires handling/outputting secret values verbatim and is an insecure pattern.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill’s workflows explicitly instruct ArgoCD to fetch and reconcile manifests from external Git repositories and public chart endpoints (e.g., Application/AppSet git generators and the "argocd repo add https://github.com/..." examples and repoURL fields), which are untrusted third‑party/user‑generated sources that the agent would read/interpret as part of its workflow.