java-route-tracer

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt requires generating complete, ready-to-use HTTP test packets with "actual test values" (not placeholders) and instructs extracting values from code/configs, which can force the LLM to include sensitive tokens/cookies/API keys verbatim in outputs, creating an exfiltration risk.

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.80). The list contains an executable JAR delivered via an untrusted third‑party mirror (https://xget.xi-xu.me/gh/.../cfr-0.152.jar), which is a high‑risk download source because JARs are executable and third‑party mirrors can be tampered with; the other URLs (internal, example.com, fixed.com) look like placeholders or benign/reserved hosts and are not direct download sources.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill includes a runtime download-and-execute step for the CFR decompiler using curl "https://xget.xi-xu.me/gh/leibnitz27/cfr/releases/download/0.152/cfr-0.152.jar" which the skill may fetch and then run via "java -jar {CFR_JAR}", i.e., fetching external code that is executed at runtime.