issue-to-solution-bridge
Fail
Audited by Snyk on Mar 6, 2026
Risk Level: HIGH
Full Analysis
HIGH W007: Insecure credential handling detected in skill instructions.
- Insecure credential handling detected (high risk: 0.80). The skill explicitly states it "automatically integrates Public, Confidential (Company/Client), and Personal knowledge tiers" and "prioritizing the most specific secrets," which indicates the agent will ingest and potentially use secret values in its orchestration—creating a real risk those secrets could be included verbatim in generated commands or outputs despite the claim of preventing leaks.
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill explicitly references and supports analyzing GitHub/Jira issues in SKILL.md and includes a fetchIssueFromGH function in src/lib.ts that runs the gh CLI to retrieve a GitHub issue's title/body, which is untrusted, user-generated third-party content that the agent would read and could materially influence its actions.
Audit Metadata