ali-billing-query

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly tells the agent to ask the user for DB credentials (HOST, PORT, USER, PASSWORD) and to write them verbatim into ~/.duckdbrc via CREATE SECRET statements and to inspect that file (cat), which requires the LLM to handle and potentially output secret values directly.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill includes a runtime installation command that fetches and executes remote code via "curl https://install.duckdb.org | sh", which downloads and pipes a shell script from install.duckdb.org and therefore is a high-risk external dependency.