arr-media-stack
Fail
Audited by Snyk on Apr 29, 2026
Risk Level: HIGH
Full Analysis
HIGH W007: Insecure credential handling detected in skill instructions.
- Insecure credential handling detected (high risk: 1.00). The prompt's examples embed API keys, cookies, and passwords directly into curl commands and config (e.g., -H "X-Api-Key: YOUR_KEY", POST data "password=YOUR_PASSWORD", PRIVATE_KEY env), which requires the LLM to place secret values verbatim into generated commands or code, creating exfiltration risk.
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly uses Prowlarr's "search across all indexers" (http://localhost:9696/api/v1/search) and mentions using FlareSolverr to fetch Cloudflare‑protected indexers, so the agent would ingest and act on results from public/untrusted indexer sites which can influence searches/adds and downstream actions.
Issues (2)
- W007 (HIGH): Insecure credential handling detected in skill instructions.
- W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).