security-scanning-security-hardening

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The skill explicitly instructs secrets detection (GitLeaks/TruffleHog) and to produce a "secrets exposure report" and PoC artifacts, which would require retrieving and potentially outputting secret values verbatim, creating an exfiltration risk.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 0.90). The skill explicitly instructs agents to perform invasive remediation, deploy and configure infrastructure and security services, and run penetration tests (including privilege escalation), which inherently require privileged, state‑changing operations on the host and can modify system files or services.