acommons

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The skill's link flow explicitly instructs reading a device secret from a local file and embedding it as "device_secret" in a JSON POST (and saves an access_token), which requires the LLM to handle and place secret values verbatim into requests/outputs—an exfiltration risk.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). This code intentionally collects local AI tool usage and device/system metadata, installs persistent hooks/scheduled tasks, and uploads normalized usage payloads (including a device identity/secret and API token when present) to an external API — behavior that constitutes deliberate data exfiltration and persistent telemetry and is high risk without explicit, informed user consent.