synthetic-monitoring
Fail
Audited by Snyk on Mar 4, 2026
Risk Level: HIGH
Full Analysis
HIGH W007: Insecure credential handling detected in skill instructions.
- Insecure credential handling detected (high risk: 1.00). The prompt contains hard-coded credentials (e.g., "password123", "Test@123456") and instructs embedding them into login/register flows, which would require the LLM to include secret values verbatim in generated code or output.
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.70). The skill's Playwright flows explicitly navigate to a configurable baseUrl (page.goto(this.baseUrl) in synthetic-tests.js) and read/inspect DOM selectors and performance data, meaning it fetches and acts on arbitrary third-party web pages whose content can influence clicks, test outcomes, and alerting.
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). The skill includes explicit code that creates orders and calls a payment endpoint to process payment (APISyntheticTests.testTransactionFlow posts to /api/orders then to /api/orders/{id}/payment with method "credit_card" and amount). That is a concrete "send transaction"/payment operation (not merely a generic HTTP or browser action). Even though the skill is a synthetic-monitoring tool, it explicitly exercises payment processing endpoints and therefore grants direct financial execution capability.