labarchive-integration

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt contains examples that place API keys/passwords directly into config files and command-line arguments (e.g., config.yaml with access_password and commands like "--password AUTH_TOKEN"), which would require an agent to insert secret values verbatim into outputs and thus poses a high exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill programmatically fetches and ingests content from external, user/third‑party sources (e.g., references/integrations.md shows importing Protocols.io via fetch_protocol_from_protocolsio and sync_redcap_to_labarchives which pull Protocols.io/REDCap/SciSpace/Qeios content and then use protocol_data['html_content'] or formatted exports as entry content), meaning the agent will read and process untrusted, user-generated web content.