azure-api-management

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill includes commands that require placing secrets (e.g., --client-secret <CLIENT_SECRET>) directly in generated CLI commands/policy configurations, which would cause the LLM to output secret values verbatim if filled, creating exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The "Import API" instructions explicitly show importing an OpenAPI specification from an arbitrary URL (--specification-url https://api.example.com/swagger.json), meaning the skill ingests untrusted public third‑party content (OpenAPI specs) as part of its workflow which can materially change API configuration and subsequent actions.