voice-ai-development

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt includes code that assigns API keys inline (e.g., OPENAI_API_KEY = "sk-...") and uses them directly in headers and client constructors (e.g., Authorization: Bearer {OPENAI_API_KEY}, api_key="..."), which instructs embedding secret values verbatim in generated code/requests.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill ingests and processes untrusted user-generated audio and transcripts (e.g., Vapi webhook event["transcript"] saved on end-of-call-report and the Deepgram on_transcript handler that calls handle_user_input), so the agent will read/interpret third-party content that could carry indirect prompt injections.