runpod-compute

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). It instructs configuring the CLI with a command that embeds the API key (runpodctl config --apiKey=YOUR_KEY), which would require the model to include secret values verbatim in generated commands and thus poses an exfiltration risk.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill instructs runpodctl to create pods using the remote container image "runpod/pytorch:2.4.0-py3.11-cuda12.4.1-devel-ubuntu22.04", which will be fetched from a registry and executed at runtime, so external code is pulled and run (risking execution of untrusted remote code).