nocobase-env-manage

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly supports a token auth path (app_token / --access-token) and maps to commands that embed the access token directly on the CLI (nb env add ... --access-token ), which requires the LLM to handle and output secret values verbatim.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's hard rules and install runbook explicitly require reading and following an "official NocoBase install or quick-start URL" provided by the user (see "For task=install" in SKILL.md and references/install-runbook.md), which means the agent will fetch and act on content from a public third-party webpage that can change runtime behavior.