docker-node

[Skill Scanner] Credential file access detected All findings: [HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3] [HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3] [HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3] [HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3] [HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3] [HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3] [HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3] [HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3] No evidence of malicious code or supply-chain exfiltration in the provided skill content. The templates and instructions are consistent with the stated purpose (containerizing Node.js/TypeScript apps using Prisma). Security risks are configuration/operational: example files include default DB credentials for development, and the recommendation to run automatic migrations on container start can cause unintended schema changes if accidentally pointed at production. The skill metadata's broad allowed-tools permission ('Bash (*)') is an operational risk for agent execution. Recommend: remove default credentials from shared files, avoid running migrations automatically in production containers (do migrations as a separate CI/CD step or gated job), and tighten agent/tool permissions. LLM verification: The artifact is benign instructional material for Dockerizing Node.js/TypeScript applications. I found no explicit malicious code or exfiltration channels. The primary issues are operational/security best-practice weaknesses: insecure example credentials, automatic DB migrations in container startup, and development patterns that can increase attack surface if copied to production. These are moderate security risks if left unmodified in real deployments. Recommend updating examples to use placeh