curl-http

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt includes explicit examples that embed API keys, bearer tokens, and plaintext passwords directly into curl/httpie commands, which encourages the LLM to output secret values verbatim when constructing requests (high exfiltration risk).

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly runs curl against arbitrary user-provided/open URLs and parses their responses (see SKILL.md usage guidance and scripts/http-debug.sh and scripts/api-tester.sh which accept and fetch arbitrary URLs), so it ingests untrusted third‑party content that could influence subsequent analysis or actions.