pipes-deploy-clickhouse-cloud

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly instructs collecting the user's ClickHouse password and embedding it verbatim in curl commands, .env files, and CLI invocations (e.g., --user "default:[password]", CLICKHOUSE_PASSWORD=[actual-cloud-password], -e CLICKHOUSE_PASSWORD=[password]), which requires the LLM to handle/output secret values directly.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md workflow explicitly instructs the agent to run curl against user-supplied ClickHouse Cloud URLs (e.g., https://[service-id].[region].aws.clickhouse.cloud:8443) and to read query results and sample data (Steps 1, 7–8, etc.), meaning the agent ingests untrusted third‑party responses that directly affect deployment decisions and next actions.