acontext-installer

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly tells the agent to ask the user for API keys and to embed them directly in commands (e.g., acontext dash projects select --api-key <sk-ac-...>), which requires the LLM to handle and output secret values verbatim.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's Claude Code/OpenClaw plugins auto-sync and load skill files from the Acontext Learning Space (via dash.acontext.io and api.acontext.app) and expose tools like acontext_get_skill and acontext_search_skills that cause the agent to read and act on user-uploaded skill content, which is untrusted third-party data that can influence agent behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The SKILL includes an installation step that runs remote code at runtime via "curl -fsSL https://install.acontext.io | sh", which executes fetched code and is required for installing the Acontext CLI used by the skill.