runpodctl

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The prompt includes examples that pass secrets directly on the command line (e.g., --password "p") and references API key setup, which would encourage embedding secret values verbatim in commands—an insecure pattern that risks exfiltration.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill retrieves community/user-provided templates and their READMEs via commands like "runpodctl template list --type community" and "runpodctl template get " (which return README, env, ports, and start/entrypoint settings), exposing the agent to untrusted third-party content that can influence pod creation and subsequent actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill's install instructions include "curl -sSL https://cli.runpod.net | bash", which fetches and immediately executes a remote script (and is presented as the required installer for the CLI), so it is a runtime external dependency that executes remote code.