american-airlines

Fail

Audited by Snyk on Apr 30, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). The skill explicitly requires the agent to ask the user for the 6‑digit 2FA code and then write it verbatim (e.g., echo "123456" > /tmp/aa-2fa-code.txt) and also shows passing passwords via command-line flags, so the LLM would need to handle and emit secrets directly.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.80). The skill requires and documents fetching/executing external runtime code (e.g., docker pull ghcr.io/borski/aa-miles-check:latest and the base image ghcr.io/borski/patchright-docker:latest or installing the patchright package), which are external container/package URLs used to provide and run the skill runtime environment and thus execute remote code.

Issues (2)

  • W007 (HIGH): Insecure credential handling detected in skill instructions.
  • W012 (MEDIUM): Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata

Risk Level: HIGH
Analyzed: Apr 30, 2026, 11:13 AM
Issues: 2