scoutqa-test

Fail

Audited by Snyk on Feb 15, 2026

Risk Level: HIGH

Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). The prompt includes an explicit example that instructs embedding plaintext credentials (username/password) directly into CLI commands sent by the agent, which requires the LLM to output secret values verbatim and thus creates an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 1.00). The skill instructs the agent to run ScoutQA against arbitrary websites supplied via the --url parameter and to view interactive reports on scoutqa.ai, meaning the agent will fetch and autonomously interpret content from untrusted/public URLs provided by users.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.90). The skill invokes the ScoutQA CLI which runs tests remotely and exposes interactive execution URLs on ScoutQA (e.g., https://scoutqa.ai/t/019b831d-xxx) and supports runtime "scoutqa send-message" interactions, so the scoutqa.ai service is a required runtime dependency that executes remote test code and receives prompts.

Audit Metadata

Risk Level: HIGH
Analyzed: Feb 15, 2026, 08:18 PM