trailsnap-cli

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). Instructs the agent to ask the user for the API URL and token and then embed the token verbatim in a CLI command (trailsnap config set --url <API_BASE_URL> --token <YOUR_API_TOKEN>), which requires the LLM to handle/output secret values directly.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill uses the trailsnap CLI to query a user-configured TrailSnap API (photos, locations, medias) and ingests photo metadata, descriptions/narratives and media URLs as part of its workflow (see reference.md, examples/simple.md and SKILL.md), so untrusted/user-generated content from that API could influence the agent's decisions and outputs.