serpapi

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt’s examples and helper scripts embed the API key directly into URLs and curl commands (api_key={apiKey} / &api_key=$API_KEY), which requires the agent to include secret values verbatim in requests or generated commands.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches live Google search results via SerpAPI (e.g., curl calls in SKILL.md and scripts/search.sh) and ingests organic_results/snippets from arbitrary public websites which the agent is intended to read and use to make decisions, so untrusted third‑party content could inject instructions that affect behavior.