alva

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt tells the agent to ask the user to paste their ALVA_API_KEY and shows an export + curl verification flow (including an explicit placeholder for the key), which requires the agent to accept and potentially embed the secret into commands — an insecure pattern that risks secret exposure.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly allows agents to fetch and ingest public web and social/news content (see SKILL.md SDKHub "feed_widgets" partition and references/adk.md examples using net/http.fetch and getNews/searchNews tools), and the ADK agent loop is expected to read and reason over those external, user-generated sources to drive tool calls and trading/feed decisions, so untrusted third‑party content can materially influence agent actions.