secret-scanner

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly requires including detected secret values verbatim in reports, sample code, and remediation commands (e.g., secret snippets, keys in bash snippets and secrets.txt), which would force the LLM to output secrets directly and create an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly instructs fetching and scanning arbitrary public repositories (e.g., "trufflehog git https://github.com/user/repo.git" and "git clone --mirror https://github.com/user/repo.git") so the agent would ingest and analyze untrusted, user-generated third‑party content from the open web.