external-gitcode-ascend-verl-feature-deploy

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt asks the user for a SwanLab API key and shows commands/CLI flags and script-generation steps that embed that key (e.g., --swanlab-api-key, echo '<SWANLAB_API_KEY>' and exporting/inserting it into generated scripts), which requires including the secret verbatim in outputs—an exfiltration risk.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill explicitly runs docker pull at runtime for a remote container image (e.g., docker pull quay.io/ascend/verl:verl-8.3.rc1-910b-ubuntu22.04-py3.11-v0.7.0), which fetches and later executes remote code inside the container, making this external URL a runtime dependency that can execute code.