devops-flow

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt includes generated templates that embed plaintext credentials (e.g., docker-compose DATABASE_URL and POSTGRES_PASSWORD) and scripts that load/export .env files, which can require the LLM to output secret values verbatim and thus pose secret-exfiltration risk.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (low risk: 0.30). The skill generates and encourages execution of scripts and Ansible playbooks that perform privileged operations (become: yes, systemd restarts, file ownership changes, installs and command execution) and would modify the machine or services if targeted at the local host, but it does not explicitly instruct obtaining/bypassing sudo or creating host user accounts outside container images.