windows-qa-engineer

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill's workflow and examples use set_edit_text with plaintext credentials (e.g., "pass123") and require the agent to insert username/password strings verbatim into tool calls, which forces the LLM to handle/output secret values directly.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). install.yaml includes the git URL https://github.com/microsoft/UFO.git which scripts/skill_installer.py will git-clone and pip-install at setup, and the MCP server (scripts/ufo_windows_qa_mcp_server.py) imports and runs the fetched UFO code, so remote repository code is fetched and executed as a required runtime dependency.