edgesecurityaccess-wireguard-vpn

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt repeatedly embeds plaintext passwords and private keys directly into commands and code (e.g., curl --data "username=alice&password=secure_password", users.txt entries, esa.conf with server private key), which requires the model to handle or reproduce secret values verbatim and is therefore insecure.

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.70). Mixed signals: official go.dev download and local/loopback endpoints are low-risk, but the GitHub repository under an unvetted username (plus an unfamiliar project domain) that provides build-and-run instructions for binaries makes this set suspicious and potentially a malware distribution vector.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill's installation/build steps fetch and run remote code—specifically git clone https://github.com/KochiyaSanaeNya/EdgeSecurityAccess.git and wget https://go.dev/dl/go1.26.linux-amd64.tar.gz (which are required to build/run the server)—so external content is retrieved and executed at runtime.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill includes explicit instructions to install packages, write and copy files under /etc (including a systemd service), enable/start services, modify kernel sysctl settings and iptables NAT rules, and append to system config files — all actions that change the machine state and require elevated privileges.