pytest

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt contains multiple hard-coded credentials (database URLs with user:password, CI env vars like POSTGRES_PASSWORD, and inline connection strings) and examples that embed them directly in code/config, which encourages emitting secret values verbatim.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill contains explicit examples that call and parse responses from external, potentially user-provided endpoints (e.g., requests.post/requests.get for CRM sync and webhook delivery using WebhookSubscription.url and reading response.json() in the "Testing External API Integration" and "Testing Webhooks" examples), so it clearly ingests untrusted third‑party content that the agent would read/interpret.