apr
Fail
Audited by Snyk on May 16, 2026
Risk Level: HIGH
Full Analysis
HIGH W007: Insecure credential handling detected in skill instructions.
- Insecure credential handling detected (high risk: 1.00). The prompt includes a hardcoded token (e.g., --token "flywheel-apr-2026" and export ORACLE_REMOTE_TOKEN="flywheel-apr-2026") and instructs emitting commands that place that token verbatim into shell/config and CLI invocations, which requires the agent to handle/output secret values directly.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill configures and uses a remote Oracle server at 100.114.183.31:9333 (ORACLE_REMOTE_HOST) during runtime to delegate browser automation that directly drives prompts/interactions with GPT and executes remote actions, making that external endpoint a required runtime dependency.
Issues (2)
- W007 (HIGH): Insecure credential handling detected in skill instructions.
- W012 (MEDIUM): Unverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata