hive-create-task

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly tells the agent to ask the user for an admin key (or read it) and then embed it directly in a CLI upload command (--admin-key ), which requires the LLM to handle and output the secret verbatim, creating an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's workflow requires creating and running prepare.sh which "downloads data" from external URLs (see "prepare.sh — Setup script. Downloads data, installs deps, etc." and Phase 5's "cd && bash prepare.sh"), and those downloaded, untrusted public datasets are then used by eval.sh and the agent's test/score/iteration logic — meaning third-party content can be ingested and materially influence decisions.