ai-pdf-filler-cli

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly instructs embedding API keys as command-line arguments (e.g., simplicity-cli --api-key "<api_key>"), which requires handling and potentially outputting secret values verbatim and is an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md and references/commands.md explicitly allow using --form-url and --source-url to fetch PDF files from arbitrary URLs (public web) which the CLI ingests and uses to autofill forms, so untrusted third‑party content can directly influence how the agent fills and acts on those documents.