opik

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt explicitly tells the agent to accept a user's API key/workspace and "use those values directly" and to write/append API keys into config files (e.g., .env or ~/.opik.config), which requires handling and potentially outputting secret values verbatim, creating exfiltration risk.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill instructs the runtime to call Opik APIs (e.g., https://www.comet.com/opik/api/v1/private/) via client.get_agent_config()/REST to fetch AgentConfig and managed prompts which directly control the agent's prompts/instructions and are relied on at runtime, so this external URL is a runtime dependency that controls prompts.