project-analyzer

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill requires embedding concrete code examples and "evidence" (grep output / code snippets / .env or hardcoded-secrets findings) into generated reports without instructing redaction, which would force the LLM to include secret values verbatim if present in the repository.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly accepts a repository URL ("Works when a project directory or repo URL is provided" in SKILL.md) and its required Phase 1/Phase 2 scripts (scripts/phase1_discovery.sh and scripts/phase2_analysis.sh) read and analyze the repo files (find/grep/git/cat), so it will ingest arbitrary public repository content (untrusted/user-generated) that can influence analysis and subsequent actions.