leadgenius-api

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt includes explicit examples that embed bearer tokens, API keys, and passwords directly into curl/CLI commands and shows storing and using token values (e.g., Authorization: Bearer , --password YourPassword, ~/.leadgenius_auth.json), which would require the LLM to include secret values verbatim when generating such commands—an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly triggers scraping and enrichment of public web data (e.g., "Integration APIs" — "Start Apify Scrape" and the Settings/URL Enrichment entries in SKILL.md which configure external enrichment/service URLs used by the POST /api/leads/process/enrich flow), so it ingests untrusted third-party web content that can directly influence processing and downstream AI-driven actions.