claw-tracker

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt includes examples and CLI/code parameters that pass API keys directly (e.g., --api-key "sk-..." and api_key="sk-..."), which would require an agent to accept and embed secret values verbatim into generated commands or code, creating an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). Yes — the tracker explicitly fetches public, user-generated tweets from Nitter (e.g., scripts/timeline_fetcher.py calling camofox_fetch_page against nitter.net via Camofox) and feeds the raw tweet text into the LLM (scripts/attitude_analyzer.py) to drive attitude labels and downstream recording/behavior, so untrusted third-party content is ingested and can materially influence actions.