rclone

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt includes example rclone commands that embed secrets as literal command-line parameters (access_key_id, secret_access_key), which would require the agent to place actual API keys/secrets verbatim into generated commands or configs, creating an exfiltration risk.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill's setup includes a runtime installation command that fetches and executes remote code — "curl https://rclone.org/install.sh | sudo bash" — which installs a required dependency and therefore can directly execute remote code.