mitm-security-audit

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt requires scanning mitmproxy logs for API keys, tokens, and credentials and asks for "Evidence" of findings, which effectively requires the model to read and potentially output secret values verbatim.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill requires reading a mitmproxy dump file ("log.txt" in the current directory) which contains captured HTTP traffic from arbitrary third-party sites/users, and the agent is instructed to parse and base vulnerability findings/next actions on that untrusted content (SKILL.md "Requires: log.txt" and the Audit Checklist), creating a clear path for indirect prompt injection.