pulumi-esc

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The prompt includes a literal secret example ("super-secure-password") and guides use of commands and API calls (pulumi env set, pulumi env open, cloud API) that can reveal or require embedding secret values verbatim in generated commands or output, creating an exfiltration risk.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill explicitly instructs using the web-fetch tool at runtime to retrieve and inject documentation from Pulumi (e.g., https://www.pulumi.com/docs/esc/integrations/dynamic-login-credentials/aws-login/) into the agent context to extract guidance, so these pulumi.com URLs are runtime-fetched content that can directly control prompts.