scraping

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt contains explicit examples that embed API keys, bearer tokens, and plaintext credentials directly into command-line invocations (e.g., Authorization "Bearer YOUR_TOKEN", -u username:password), which encourages the LLM to include secret values verbatim in generated commands or code.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). This skill explicitly fetches and navigates arbitrary public websites and APIs (e.g., "http get https://news.ycombinator.com/", "http get https://example.com", and "navigate-browser --url ...") and parses/extracts HTML/JSON, so the agent will read and interpret untrusted, user-generated third‑party web content that could carry indirect prompt injection.