add-team

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). This prompt asks for the LITELLM_API_KEY (proxy admin key) and shows a curl example that embeds it directly in the Authorization header (e.g., -H "Authorization: Bearer $KEY"), which requires the agent to handle and output the secret verbatim.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill explicitly accepts and sets a "max_budget" value and calls the proxy API POST /team/new with that field using an admin API key. That is an API able to create/modify monetary budget settings (i.e., update budget) via a direct endpoint, which qualifies as direct financial execution capability per the rule about managing budgets via API.