managing-temp-scripts

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly asks for API credentials and its examples embed them verbatim into created scripts and Bash commands (e.g., passing {api_key} as a CLI argument or interpolating into Authorization headers), which forces the LLM to output secret values directly.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly creates and runs temporary scripts that fetch and scrape open web and social content (e.g., the Reddit API client, Twitter/GitHub clients, scraper.js using axios/cheerio against arbitrary URLs like https://news.site and examples scraping https://news.ycombinator.com), so the agent will ingest untrusted, user-generated third‑party content as part of its workflow.