beam-connect

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly instructs the agent to ask the user for their Beam API key and save it to a .env file (i.e., solicit and ingest a secret into the conversation), which forces the LLM to handle sensitive secret values directly.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The Create Task workflow explicitly accepts "Optional: URLs to parse" (create_task.py with optional URLs) which means the skill can fetch and parse arbitrary user-provided public web pages, exposing the agent to untrusted third-party content that could carry indirect prompt injection.