market-research

Fail

Audited by Snyk on Mar 3, 2026

Risk Level: HIGH

Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 0.90). The workflow explicitly tells the agent to ask the user for API credentials and to run queries through the chosen provider's API, so the agent will handle secrets (and could be asked to embed them in requests/commands), creating a high exfiltration risk even if not explicitly required to echo them.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 1.00). The workflow explicitly instructs the agent to fetch/read third-party provider API docs and to run web-search style queries via the chosen deep-research provider (Step 0 and "Run each query through the chosen provider's API"), including Query 4 which requests quotes from LinkedIn posts, blog posts and conference talks—clearly ingesting untrusted public/user-generated content that the agent must interpret to form hypotheses.

Audit Metadata

Risk Level: HIGH
Analyzed: Mar 3, 2026, 09:41 PM