incident-remediating

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill demands "exact copy-pasteable commands" and "exact command with filled-in values" and instructs the agent to read deployment/config files and playbooks, which forces the model to reproduce any secrets found verbatim (e.g., rotated credentials, tokens, or literal API keys) — creating an exfiltration risk.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill explicitly instructs the agent to generate and execute exact commands, apply fixes directly (editing files, triggering rollouts, restarting pods, rotating secrets, saving PR/runbook files), and perform runtime remediations that change system and repository state — i.e., it directs the agent to modify the machine/environment rather than just provide guidance.