phoenix-cli

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt includes examples that pass API keys directly on the command line (e.g., px profile create ... --api-key <key> and export PHOENIX_API_KEY=your-api-key), which encourages embedding secret values verbatim in generated commands and outputs.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The CLI fetches prompt text at runtime from the Phoenix API endpoint (e.g., https://app.phoenix.arize.com) via commands like "px prompt get", so content served from that URL can directly control agent prompts.