celery-advanced

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt includes explicit credential usage in examples (e.g., celery flower --basic_auth=admin:password), which demonstrates and encourages embedding secret values verbatim in commands/configs, creating an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill processes arbitrary external URLs supplied to process_image_batch (examples/image-processing-workers.py) where download_image uses requests.get(image_url) to fetch and decode remote images, meaning the agent ingests untrusted third-party content from the open web as part of its workflow.