dast-scanning

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill prompt includes plaintext credentials and API-key placeholders embedded directly in commands and config files (e.g., --auth-password pass, password: "password123", and 'api-key' sent in an Authorization header), which would require the LLM to handle or emit secret values verbatim.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill runs dynamic scanners against arbitrary target URLs and API specs (e.g., zap-baseline.py -t https://target.example.com, zap-api-scan.py -t https://target.example.com/openapi.json, BurpScanner.create_scan('https://target.example.com'), and nikto -h target.example.com), so the agent ingests and processes untrusted public web/content as part of its workflow, enabling indirect prompt injection.