review-analysis

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt instructs the agent to read an API key from .mcp.json and then embed that API_KEY verbatim into curl requests (e.g., "?key=${API_KEY}"), which requires the LLM to handle and output the secret directly.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches Amazon user-generated reviews via the Sorftime MCP product_reviews API (see SKILL.md steps saving SSE to $REPORT_DIR/data/raw_reviews_sse.txt from https://mcp.sorftime.com) and instructs the LLM agent to read/parse those reviews as core input for analysis and action, so untrusted third‑party content can directly influence agent decisions.