contentstack-cli-assistant

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly asks the agent to request stack API keys and token values and to build/run commands that include those secrets (e.g., --stack-api-key, --token, -k) which requires the LLM to handle and emit secret values verbatim.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly supports seeding/cloning from arbitrary GitHub repositories and running migration scripts (e.g., "csdx cm:stacks:seed --repo <org/repo>" and "csdx cm:stacks:migration --file-path "), which causes the agent to fetch and execute or act on untrusted, user-generated third‑party content from public repos and could therefore change subsequent tool actions.