developer-growth-analysis

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The skill explicitly reads raw chat history including pastedContents and builds evidence-based reports (and sends them to Slack) but gives no instructions to filter or redact secrets, so it can easily include secret values verbatim in outputs.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). This skill explicitly searches and ingests HackerNews posts/discussions (via RUBE_SEARCH_TOOLS/Rube MCP) to curate articles—public, user-generated content the agent will read and interpret as part of its workflow—exposing it to untrusted third-party input and potential indirect prompt injection.