agent-line

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The prompt includes explicit examples and CLI forms that accept and show secrets verbatim (e.g., --password and --token flags), meaning an agent could be expected to embed user-provided tokens/passwords directly into generated commands or outputs.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly fetches and reads user-generated LINE chat messages (see "Message Commands" in SKILL.md, references/common-patterns.md Pattern 4, and templates/monitor-chat.sh), and those messages are used to drive agent behavior (e.g., monitoring and auto-responding to message text), so untrusted third-party content can materially influence actions.