typo3-ddev
Fail
Audited by Snyk on May 7, 2026
Risk Level: HIGH
Full Analysis
HIGH W007: Insecure credential handling detected in skill instructions.
- Insecure credential handling detected (high risk: 1.00). The prompt embeds an explicit username/password ("admin / Joh316!!") as operational credentials for accessing the TYPO3 backend, so an agent using this skill would likely need to output or embed that secret verbatim in instructions or commands.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill requires fetching and running external code during setup/runtime—notably cloning the skill repo (https://github.com/netresearch/typo3-ddev-skill.git) which would load/execute skill code in the agent environment, and the suggested install scripts fetched-and-executed at runtime (curl -fsSL https://get.docker.com | sh and curl -fsSL https://raw.githubusercontent.com/ddev/ddev/master/scripts/install_ddev.sh | bash) — all of which download remote code that is executed and are presented as required dependencies.
HIGH W008: Secret detected in skill content (API keys, tokens, passwords).
- Secret detected (high risk: 1.00). I scanned the full prompt for literal credentials. The only direct credential-like entry is the line "Credentials: admin / Joh316!!". This is a specific username and password pair (not a placeholder like YOUR_API_KEY or sk-xxxx, and not a simple setup password). The password contains mixed-case letters, digits and punctuation and is presented as an actual admin credential, so it appears to be a usable secret and should be flagged.
No API keys, private keys, tokens, or other high-entropy secrets were found. Other values (ports, php_version, command examples, file paths, etc.) are configuration or documentation items and were ignored per the rules.
Issues (3)
- HIGH W007: Insecure credential handling detected in skill instructions.
- MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- HIGH W008: Secret detected in skill content (API keys, tokens, passwords).