loom-crossplane

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt embeds plaintext example API credentials (AKIA… and a secret access key) and demonstrates creating and referencing secrets, which encourages or enables an agent to read or reproduce secret values verbatim.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill includes runtime package installs that fetch and execute remote code (e.g., package references like xpkg.upbound.io/upbound/provider-aws-s3:v1.1.0 and xpkg.upbound.io/crossplane-contrib/function-patch-and-transform:v0.2.1 which Kubernetes/Package controllers will download and run, and the install step curl -sL https://raw.githubusercontent.com/crossplane/crossplane/master/install.sh | sh which directly executes remote shell code), so these are runtime external dependencies that execute remote code.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The prompt includes commands that require and instruct use of elevated privileges (e.g., "sudo mv /usr/local/bin"), and recommends installing software via curl|sh and modifying system paths/secrets which actively change the host system state and can compromise it.