capgo-live-updates

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The prompt includes examples that embed API keys and private keys directly in CLI commands and config files (e.g., capgo login --apikey YOUR_API_KEY, privateKey: 'YOUR_PRIVATE_KEY'), which encourages placing secret values verbatim into generated commands or code — an insecure pattern even though placeholders are used.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md workflow explicitly instructs the app to fetch and apply update bundles from third‑party URLs (e.g., CapacitorUpdater.getLatest()/download using updateUrl "https://api.capgo.app/updates" or user-provided/self-hosted updateUrl), meaning untrusted remote code/content can be ingested at runtime and change behavior.