langfuse-api

Fail

Audited by Snyk on Feb 15, 2026

Risk Level: HIGH

Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). The prompt instructs the agent to ask for API credentials and shows example commands that embed the public and secret keys directly (e.g., curl -u "${LANGFUSE_PUBLIC_KEY}:${LANGFUSE_SECRET_KEY}"), which requires the LLM to handle and output secret values verbatim.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches and reads user-generated traces and prompts from a third-party Langfuse host (e.g., GET /traces and GET /prompts against {LANGFUSE_HOST} such as https://cloud.langfuse.com), so the agent will ingest untrusted, user-provided content that could contain indirect prompt injections.

Audit Metadata

Risk Level: HIGH
Analyzed: Feb 15, 2026, 08:27 PM