create-new-static-website

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly instructs the agent to "ask for" and set ALCHEMY_PASSWORD in a .env file (or embed the user's provided value), which requires the LLM to receive and potentially output the secret verbatim.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md workflow explicitly fetches a public GitHub template via "npx gitpick instructa/astro-website-starter" (step 2) and then runs project scripts (e.g., pnpm run dev), meaning the agent will pull and execute untrusted third-party repository content that can materially alter behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The workflow invokes "npx gitpick instructa/astro-website-starter", which fetches and executes remote package/template (instructa/astro-website-starter via npm/git) at runtime, so external code is fetched and executed and is required for the skill to scaffold the project.