sdr-bdr-automation

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt includes explicit examples of embedding API keys in commands (e.g., curl -H "Authorization: Bearer {{SMARTLEAD_API_KEY}}"), which requires the agent to insert or handle secret values verbatim and thus poses an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly ingests public third‑party content (Step 1: Prospect Discovery using Apify scrapers for LinkedIn, Google Maps, Google Search and industry directories; Step 2: Enrichment via Apify Google Search and Perplexity Sonar) and then has the agent read/synthesize that untrusted web/social content (Gemini Flash synthesis) to generate personalized messaging and drive outreach/channel decisions, so externally sourced pages could indirectly inject instructions that affect behavior.