devic-api

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly instructs including the API key verbatim in Authorization headers and provides curl examples embedding the key, which encourages the LLM to output secret values directly.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The documentation (see tool-servers.md "Tool Execution Flow" and "Response Post-Processing") shows agents/assistants invoking external Tool Servers at arbitrary URLs and ingesting their responses (including JS post-processing templates) as part of execution, so untrusted third‑party content can be fetched and can materially influence agent actions.