resolve-failed-test

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt requires the agent to reproduce and display the exact execution_command and include it verbatim in reproduced commands and the final report, so if that command contains embedded secrets (API keys, tokens, or passwords) the LLM would necessarily output them, creating an exfiltration risk.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 0.90). The skill content itself appears benign in intent but contains an explicit instruction to execute the exact execution_command coming from the test-result JSON and to apply file changes, which can be abused to achieve arbitrary command execution, unauthorized filesystem modification, or to introduce a backdoor if the JSON input or the agent running it is attacker-controlled.