deploy-ecs-service

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt instructs sourcing .env and even includes a python -c snippet that interpolates ALIYUN_DNS_ACCESS_KEY_ID/_SECRET into the command, which results in secrets being passed verbatim on the command line / in requests and thus creates a high exfiltration risk.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill instructs the agent to perform SSH/rsync/docker-compose operations, write nginx and certificate files under /root, reload services, and call DNS APIs with credentials—explicitly changing system and network state and requiring elevated privileges.