unsplash

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt instructs the agent to ask the user for an Unsplash API key and then embed that key verbatim into a shell command (echo "UNSPLASH_ACCESS_KEY=<user_provided_key>" >> .env), which requires the LLM to handle and output the secret directly.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill makes live API requests to the public Unsplash service (see scripts/search.sh, scripts/random.sh, and scripts/lib/common.sh which call https://api.unsplash.com) and ingests/displaysof user-generated photo metadata (description, alt_description, photographer info, attribution_html) from that public third-party source which the agent is expected to read and present.