commandbox-package-management

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill instructs setting an API token via an inline CLI/config command (config set endpoints.forgebox.APIToken=your-forgebox-api-key), which encourages embedding secret values verbatim in generated commands or code, creating exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md explicitly allows installing packages from public sources (ForgeBox, Git, HTTP/S3/gist, etc.) and documents lifecycle scripts that run automatically (preInstall/postInstall), meaning untrusted third-party package content could be fetched and execute commands that influence agent behavior.