huawei-cloud-ascend-remote-connect
Fail
Audited by Snyk on Jun 17, 2026
Risk Level: HIGH
Full Analysis
HIGH W007: Insecure credential handling detected in skill instructions.
- Insecure credential handling detected (high risk: 1.00). The prompt requires passwords be supplied as command-line arguments and shows/uses plain-text password values in example commands and output (e.g., --password , "with password xxx"), which forces the agent or returned commands to include secret values verbatim — a high exfiltration risk.
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.75). Outsider free text can enter the LLM context via the skill’s runtime ingestion of STDOUT/STDERR from the remote target server (e.g., SSHClient.execute() reads remote output and CommandExecutor._exec_simple() / _execute_command() formats it into the returned text), which is then fed back into the agent’s context as the skill response.
MEDIUM W013: Attempt to modify system services in skill instructions.
- Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill explicitly directs SSH connections as root, requires sudo for system management, and exposes capabilities like disk formatting, user/permission management, reboot/shutdown, and SSH/firewall/config changes—actions that modify system state and can compromise the machine.
MEDIUM W021: Hidden or invisible Unicode characters detected (potential obfuscation or prompt injection).
- Hidden Unicode characters detected (1 type(s) found)
Issues (4)
- W007 HIGH: Insecure credential handling detected in skill instructions.
- W011 MEDIUM: Third-party content exposure detected (indirect prompt injection risk).
- W013 MEDIUM: Attempt to modify system services in skill instructions.
- W021 MEDIUM: Hidden or invisible Unicode characters detected (potential obfuscation or prompt injection).
Audit Metadata