exa-incident-runbook

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The runbook includes commands that decode and print secrets (kubectl ... | base64 -d) and instructs creating secrets with --from-literal=api-key=NEW_KEY, which requires handling or embedding secret values verbatim.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The runbook explicitly fetches and interprets public third-party pages (e.g., "curl -s https://status.exa.com" and "curl -s https://api.exa.com" in SKILL.md) and uses those external responses to drive decisions (wait for Exa vs remediate), which exposes the agent to untrusted third-party content that could influence actions.