url-fetcher

Fail

Audited by Snyk on Mar 1, 2026

Risk Level: HIGH

Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). The skill's citation rule requires embedding the fetched URL verbatim in output (url="URL"), and URLs can contain sensitive tokens or credentials in query strings or paths, so the agent may be forced to output secrets.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 1.00). The SKILL.md defines a fetch_url_content(url, ...) tool that accepts arbitrary http(s) URLs and extracts page text (e.g., "Fetch and extract text content from web page URLs" and the tool description in SKILL.md), so the agent will ingest open/public third-party web content that could contain untrusted/user-generated instructions influencing its actions.
Audit Metadata

Risk Level: HIGH
Analyzed: Mar 1, 2026, 01:10 AM