reverse-engineering-api

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The skill instructs capturing HARs (including login flows and Authorization/cookie headers), extracting request headers and authentication patterns, and generating API clients from that data — which implicitly requires reading and may embed verbatim tokens/cookies from the HAR into generated requests, creating a high exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly drives a browser (Playwright MCP) to arbitrary sites (see SKILL.md Playwright MCP / mapper.py and sitemap.py usage) and loads/parses captured HAR files (har_analyze.py / har_utils.py reading response bodies from ~/.reverse-api/runs/har/{run_id}/recording.har), so it ingests and interprets untrusted third-party web content as part of its workflow.