admin-interface-rules

CRITICAL E004: Prompt injection detected in skill instructions.

• Potential prompt injection detected (high risk: 0.90). The skill includes a mandatory "Memory Protocol" that explicitly tells the agent to run a local shell command to read an internal memory file and to "assume interruption" (ignore missing context), which are operational/deceptive instructions outside the stated code-review/admin-guidelines purpose and could be used to exfiltrate or misrepresent internal state.

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt requires running cat .claude/context/memory/learnings.md before starting (and recording memory after), which forces the agent to read and include local memory file contents verbatim in context/output and could therefore expose API keys or other secrets stored there.