evolution-api
Fail
Audited by Snyk on Feb 21, 2026
Risk Level: HIGH
Full Analysis
HIGH W007: Insecure credential handling detected in skill instructions.
- Insecure credential handling detected (high risk: 0.85). The prompt contains numerous examples that hard-code or directly place API keys and secrets into curl headers, env vars and code (e.g., "apikey: your-api-key", "OPENAI apiKey: 'sk-...'", S3/SQS keys), which would lead an agent to embed user-provided secrets verbatim in generated commands or code.
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 1.00). The SKILL.md includes webhook handling examples (e.g., the "messages.upsert" webhook and the Node.js/Python webhook handlers) that ingest incoming WhatsApp user messages (untrusted, user-generated content) and explicitly read/interpret that content to drive responses and API actions, which could allow indirect prompt injection.