dataforseo-content-analysis-api

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt requires HTTP Basic auth (Authorization: Basic base64(login:password)) and explicitly lists "Credentials: DataForSEO API login + password" so an agent is likely to ask for and embed raw credential values (or their base64) into requests/commands, creating a high exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill calls DataForSEO live/task endpoints (e.g., https://api.dataforseo.com/v3/content_analysis/... per the docs/REFERENCE) to ingest and analyze public web text, search results, and user-generated content and then returns normalized summaries and raw payloads for the agent to read—exposing the agent to untrusted third‑party content that could carry indirect prompt injections.