subagent-builder

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt instructs subagents to scan files for "hardcoded credentials or secrets" and to include vulnerable code snippets and file:line locations in reports, which would require outputting any secret values found verbatim if present.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Tool Selection and examples explicitly allow subagents to use WebFetch/WebSearch to fetch and search external URLs ("With external access: tools: Read, Write, WebFetch, WebSearch" and related descriptions), so the agent can ingest untrusted public web content as part of its workflow.