oracle

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The prompt includes explicit CLI examples that pass tokens/secrets as command-line arguments (e.g., --token , --remote-token ) which encourages embedding secret values verbatim in generated commands, creating an exfiltration risk despite advising to avoid attaching secrets.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.70). The skill instructs running "npx -y @steipete/oracle", which fetches and executes remote npm package code at runtime and that code directly controls prompt bundling and model interactions, so this external runtime dependency is required and can control agent behavior.