gologin-web-access-skill

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly tells the agent to ask the user for GOLOGIN_WEB_UNLOCKER_API_KEY and GOLOGIN_TOKEN if missing and documents a CLI option (--web-unlocker-api-key / --web-unlocker-key) that would accept those secrets as command-line arguments, which requires the model to handle and potentially emit secret values verbatim.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly fetches and ingests arbitrary public web content (e.g., via read_page, scrape_markdown, scrape_text, scrape_json, batch_scrape, search_web, crawl_site and browser_open) as documented throughout SKILL.md, tools.md, and the workflows, meaning untrusted third‑party pages can be read and directly influence subsequent tool usage and actions.