anysite-cli

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt contains multiple examples that embed API keys and passwords directly in CLI commands and configs (e.g., anysite config set api_key sk-xxxxx, anysite db add ... --password secret, Authorization: "Bearer token"), which instructs the agent to emit secrets verbatim and thus enables exfiltration.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md and README explicitly instruct use of anysite API endpoints (e.g., /api/linkedin/, /api/instagram/, /api/twitter/, /api/reddit/, /api/web/parse) to fetch public social/media and web content and then feed those records into downstream dataset and LLM enrichment steps (llm: classify/enrich/generate), meaning untrusted, user-generated third-party content is ingested and can directly influence prompts and subsequent actions.