k6-load-testing

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt includes multiple examples that embed credentials verbatim (e.g., Bearer tokens, passwords, session IDs, and hardcoded login payloads), which would require the LLM to output secret values exactly and thus enables secret exfiltration.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). SKILL.md shows k6 scripts that fetch and parse public third-party content (e.g., http.get to https://test-api.k6.io/public/crocodiles/, browser.goto 'https://test.k6.io/my_messages.php', and importing papaparse from https://jslib.k6.io/...), and those fetched page/module contents are read and used in checks/logic, so untrusted external content can influence test decisions and behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill's k6 scripts import remote JavaScript modules that are fetched and executed at runtime (e.g., https://jslib.k6.io/papaparse/5.1.1/index.js and https://jslib.k6.io/k6-summary/0.0.2/index.js), so external code is required and runs as part of the skill.