NYC

FastAPI Customer Support Tech Enablement

Fail

Audited by Snyk on Feb 16, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 0.80). The prompt contains hardcoded credentials and examples that embed secrets verbatim (e.g., DB connection strings with "password", SMTP login with a password, SECRET_KEY), which encourages the LLM to output or reproduce secret values directly and thus creates an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill ingests and exposes untrusted user-generated content via multiple runtime endpoints (e.g., ticket creation /tickets/, comment models, file upload /tickets/{ticket_id}/attachments, and the WebSocket chat /ws/chat/{ticket_id} and chat/history endpoints), so the agent would read/interpret arbitrary third‑party input as part of normal workflow.

Audit Metadata

Risk Level: HIGH
Analyzed: Feb 16, 2026, 12:30 AM