302ai-api-integration

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly instructs the agent to ask for the user's 302.AI API key and embed that key verbatim into generated code, headers, and examples (e.g., API_KEY in templates and Authorization headers), which forces the LLM to handle secrets in its outputs and creates an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill automatically downloads and parses public API documentation (scripts/parse_api_list.py fetches https://doc.302.ai/llms.txt) and then uses WebFetch to retrieve user-selected API doc links, meaning the agent reads and interprets external public third-party content as part of its workflow.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill's runtime explicitly auto-fetches the API list from https://doc.302.ai/llms.txt (and then WebFetches selected docs like https://doc.302.ai/<doc_id>.md) to inject remote documentation into the agent's context and drive prompt interpretation and generated code, making these URLs required runtime dependencies that directly control the agent's behavior.