engagelab-whatsapp-business

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly asks the user for their dev_key and dev_secret and instructs the agent to include them directly (e.g., in Authorization headers and curl commands), which requires the LLM to output secret values verbatim and creates an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly ingests untrusted user-generated content via webhook callbacks (see SKILL.md "Callbacks" and references/callback-api.md which describe receiving "user response" events and message content), and those callback messages are intended to be parsed and can influence subsequent actions or decisions.