rclone

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt includes example rclone commands that inline access_key_id and secret_access_key as command-line arguments (even if shown as placeholders), which encourages the agent to request and/or emit secrets verbatim in generated commands—an exfiltration risk.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill's setup includes a runtime installation command that fetches and executes remote code — "curl https://rclone.org/install.sh | sudo bash" — which installs a required dependency and therefore can directly execute remote code.