acommons

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The link subcommand explicitly reads/creates a device secret and instructs the agent to include that secret verbatim in the POST request body (and later save an access_token), which requires the LLM to handle and potentially emit secret values directly.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). The skill implements a deliberate local data-collection and exfiltration pipeline (scanning many local AI tool files, building device identity) and installs persistent hooks/schedulers (modifies ~/.claude/settings.json, creates cron/launchd/schtasks) to regularly upload telemetry to an external server (https://api.agenticcommons.xyz), which constitutes intentional data exfiltration and persistence capable of privacy-invasive or abusive use.