ln-814-optimization-executor
Fail
Audited by Snyk on May 12, 2026
Risk Level: HIGH
Full Analysis
HIGH W007: Insecure credential handling detected in skill instructions.
- Insecure credential handling detected (high risk: 1.00). The skill explicitly reads and reuses a raw e2e_test_command from the context (injecting it into Monitor commands, logs, and the e2e_test field of the report), which will cause any secrets embedded in that command (API keys, tokens, passwords) to be copied verbatim into agent output and logs — a direct exfiltration risk.
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 1.00). The skill instructs the agent to fetch missing reference files from a public raw GitHub URL (https://raw.githubusercontent.com/levnikolaevich/claude-code-skills/master/skills/{path}) and marks several of those reads as "MANDATORY READ", so the agent will ingest and act on untrusted, user-generated third-party content that can materially influence its actions.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 1.00). The skill explicitly instructs at runtime to WebFetch required "shared" reference files from https://raw.githubusercontent.com/levnikolaevich/claude-code-skills/master/skills/{path}, and those fetched Markdown files are marked as "MANDATORY READ" and directly control the agent's behavior/instructions, so this is a runtime external dependency that can change agent prompts.
Issues (3)
W007
HIGH: Insecure credential handling detected in skill instructions.
W011
MEDIUM: Third-party content exposure detected (indirect prompt injection risk).
W012
MEDIUM: Unverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata