winapp-package

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt includes examples and options that instruct embedding certificate passwords and PFX paths directly on the command line (e.g., --cert-password MyP@ssw0rd and --cert ... --cert-password ${{ secrets.CERT_PASSWORD }}), which requires the agent to handle and output secret values verbatim and can expose them in logs or LLM outputs.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 0.70). The skill instructs installing certificates into the machine trust store and installing MSIX packages (e.g., winapp cert install, Add-AppxPackage / --install-cert), which require elevated/admin privileges and modify system state/trust, so it can compromise the host.