labarchive-integration

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt includes examples that require embedding API keys/passwords verbatim (e.g., config.yaml fields, initializing Client(api_url, access_key_id, access_password), and a CLI example passing --password AUTH_TOKEN), which forces the LLM to output secrets directly and thus is insecure.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and ingests user-generated content from public third-party services (e.g., Protocols.io) and then inserts that content into notebook entries and metadata—see SKILL.md "Third-Party Integrations" and references/integrations.md (the import_protocol_to_labarchives example which fetches protocol_data['html_content'])—so external, untrusted content is read and used to drive API actions and could carry indirect prompt-injection instructions.