turbo-pipelines

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt includes examples and explicit guidance that webhook sinks and some fields (e.g., access_token, Authorization headers) must be placed directly in the pipeline YAML—i.e., tokens/credentials are embedded verbatim in config—so an LLM producing configs may be required to output secret values directly.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's configuration reference explicitly documents handler transforms (transforms -> type: handler) and webhook sinks (sinks -> type: webhook) that call arbitrary external HTTP URLs (e.g., "url: https://my-api.example.com/enrich" and webhook examples), which would ingest untrusted third-party responses that can be read/interpreted at runtime and materially influence pipeline behavior.