infographics

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt includes a --api-key CLI option (and shows usage for passing a key) which encourages embedding API keys as command-line arguments, forcing secrets to appear verbatim in commands/outputs and creating exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's AI pipeline (scripts/generate_infographic_ai.py — specifically research_topic and web_search which call the Perplexity Sonar Pro model via the OpenRouter API) fetches public web/search results and then _enhance_prompt_with_research injects that untrusted, third‑party content directly into the generation prompt, so the agent will read and act on external, user-generated/public web content.