widget-studio

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly requires asking the user for their Site Key and instructs the agent to replace 'YOUR_SITE_KEY' with the actual key in code snippets, which forces the LLM to accept and output the key verbatim.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). This skill instructs integrating and executing an external SDK from the public URL https://widget-studio.weez.boo/sdk/index.global.js into user projects, which causes untrusted third-party code to be fetched and run as part of the runtime workflow.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill repeatedly loads and requires the remote JavaScript https://widget-studio.weez.boo/sdk/index.global.js at runtime (via tags and dynamic script injection), which executes remote code in the client and is a required runtime dependency.