NYC

FastAPI Customer Support Tech Enablement

Fail

Audited by Snyk on Feb 15, 2026

Risk Level: HIGH

Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 0.80). The prompt contains hardcoded credentials and examples that embed secrets verbatim (e.g., DB connection strings with "password", SMTP login with a password, SECRET_KEY), which encourages the LLM to output or reproduce secret values directly and thus creates an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill ingests and processes untrusted user-generated content—e.g., ticket creation endpoints (/tickets/), Comment models and attachment URL fields (HttpUrl), and the WebSocket chat endpoint (/ws/chat/{ticket_id})—which the agent reads, broadcasts, and returns as part of normal workflow, exposing it to indirect prompt injection risk.

Audit Metadata

Risk Level: HIGH
Analyzed: Feb 15, 2026, 09:16 PM