devops

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt includes multiple examples that hard-code plaintext credentials and embed secrets verbatim in configs/commands (e.g., MYSQL_ROOT_PASSWORD: secret, DATABASE_URL=mysql://user:pass@..., and docker/CI steps that inline passwords), which would require an LLM to handle or output secret values directly and thus poses an exfiltration risk.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill includes explicit privileged system changes (adduser/usermod, editing /etc/ssh/sshd_config, systemctl restart sshd, ufw enable, apt installs, modifying /etc/nginx, creating users and service files, running curl | sh) that create users and modify system files requiring sudo/root, so it instructs actions that would compromise the machine state.