campaign-sending

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The workflow explicitly instructs the agent to ask the user for API credentials and then use them to call provider APIs (create campaigns, upload leads, confirm access), which requires the LLM to receive and likely embed secret values into requests/commands, creating an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's Step 0 explicitly requires fetching and reading a provider's API documentation from external providers ("Fetch or read the provider's API documentation" and "For other providers, docs are fetched during Step 0" in SKILL.md), which the agent will parse to determine endpoints, auth, rate limits and other actions—exposing it to untrusted third‑party content that could influence behavior.