webapp-nikto

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt shows and encourages embedding credentials and session cookies directly on the command line (e.g., -id username:password, -cookies "session=abc123"), which requires the LLM or user to include secret values verbatim in generated commands and poses an exfiltration risk.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The CI template contains a runtime command that fetches and executes remote code via curl -s https://raw.githubusercontent.com/aquasecurity/tfsec/master/scripts/install_linux.sh | bash (executes remote script during CI), which is a clear runtime external dependency that executes fetched code.