mitm-subdomains

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The skill requires parsing mitmproxy traffic and returning "Full URL" entries from captured requests, which can contain Authorization headers, cookies, query-string API keys, or other secrets, so it may force the agent to handle and potentially output secret values verbatim even though it doesn't explicitly ask for them.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required workflow (SKILL.md) mandates analyzing a mitmproxy dump file (log.txt) containing captured network traffic from arbitrary external websites/services, so the agent will read and interpret untrusted third‑party content and use it to classify subdomains and recommend follow‑up actions.