up-drift

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The skill explicitly instructs the agent to SSH into servers, extract configuration values and file contents, and then update wiki/Notion pages with those findings but gives no guidance to redact or avoid embedding secrets, so it likely requires handling and verbatim output of sensitive credentials.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's Phase 3 Link Audit explicitly fetches and verifies "External URLs" using WebFetch (Phase 3: "Verify external URLs using WebFetch" and "Dead external URLs: remove the link or replace with a current URL if discoverable"), which means it retrieves and acts on arbitrary public web pages (untrusted third‑party content) and can change wiki content based on what it finds.