email-verification

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The workflow explicitly tells the agent to ask the user for API credentials and then make API calls (credit check, validation, sequencer deletions), which requires using those secrets in requests/commands and risks them appearing verbatim in agent outputs or logs.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs the agent in Step 0 to "fetch or read the provider's API documentation" (and notes "Provider API docs are fetched or read during Step 0"), meaning it will ingest third‑party provider docs that the agent must interpret to determine endpoints, auth, status mappings and rate limits — content that could materially change subsequent API calls and removal decisions.