crawler

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly mandates capturing and documenting "cookies/storage/header" and saving raw "auth-signals.json" and NETWORK.md evidence (cookies, tokens, headers), which would require the LLM to include secret values verbatim in its generated artifacts.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly drives browsing and network capture of arbitrary target sites using Playwriter and CDP (see the Workflow and playwriter-commands.md / cdp-capture.md), persists raw network/auth artifacts under .hypercore/crawler/[site]/, and uses those untrusted third‑party responses to decide methods and generate crawler code, so third‑party content is read and can materially change agent actions.