voice-ai-development

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt includes code that assigns API keys inline (e.g., OPENAI_API_KEY = "sk-...") and uses them directly in headers and client constructors (e.g., Authorization: Bearer {OPENAI_API_KEY}, api_key="..."), which instructs embedding secret values verbatim in generated code/requests.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill ingests untrusted, user-generated content via Vapi webhooks (e.g., event["transcript"] and function-call events) and Deepgram live transcription (transcribe_stream calls handle_user_input), and those transcripts/events are explicitly used to drive behavior and tool/function calls, so third-party content can materially influence agent actions.