agent-analytics

Fail

Audited by Snyk on Mar 7, 2026

Risk Level: HIGH

Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). The skill explicitly shows passing API keys/project write tokens as literal CLI arguments (e.g., --token aak_YOUR_API_KEY) and embedding a project token into an HTML snippet, which instructs an agent to include secret values verbatim in commands or code.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.70). This skill's required workflow instructs the agent to call the Agent-Analytics service/CLI (e.g., insights, events, breakdown, sessions, experiments get) to fetch project event logs, referrers/UTM and experiment recommendations from external analytics projects. That data can be user-generated or come from arbitrary web visitors, and the agent reads it and uses it to drive decisions (e.g., completing experiments), so untrusted third-party content could influence actions.

Audit Metadata

Risk Level: HIGH
Analyzed: Mar 7, 2026, 06:53 PM