zabbix

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt embeds plaintext credentials directly in example configs and curl requests (e.g., POSTGRES_PASSWORD=zabbix_password, monitor_password, and the user.login password "zabbix"), which requires the agent to output or reproduce secret values verbatim and is therefore insecure.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill explicitly instructs running sudo apt/dpkg commands and modifying /etc/zabbix/zabbix_agent2.conf (system files), which require elevated privileges and change the host system state.