rowan

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt includes examples that embed API keys and webhook secrets directly in code and print them (e.g., rowan.api_key = "your_api_key_here", export ROWAN_API_KEY="...", print(f"Your webhook secret: {secret.secret}")), which requires the LLM to handle and potentially output secret values verbatim — a high exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md explicitly shows using rowan.create_protein_from_pdb_id() (e.g., "If you have a PDB ID, use rowan.create_protein_from_pdb_id()") to import public PDB entries, which are untrusted third‑party web content that the agent reads and uses in docking/cofolding workflows and thus can materially influence subsequent tool actions.