whart-test

Fail

Audited by Gen Agent Trust Hub on Apr 15, 2026

Risk Level: HIGH (CREDENTIALS_UNSAFE, DATA_EXFILTRATION, PROMPT_INJECTION)
Full Analysis
  • [CREDENTIALS_UNSAFE]: A hardcoded API key was found in the tool script. Although it appears to be a default placeholder, hardcoding credentials in source files is a significant security risk as it can be easily discovered and misused.
      • File: whart_tools.py
      • Evidence: API_KEY = "wharttest-default-mcp-key-2025" is used for authentication in all backend requests.
  • [DATA_EXFILTRATION]: The skill allows the agent to read arbitrary local files and upload them to a network endpoint via the screenshot management functions. This provides a direct path for data exfiltration if the agent is manipulated into reading sensitive files.
      • File: whart_tools.py
      • Evidence: The upload_screenshot and upload_screenshots functions read files using open(file_path, 'rb') and send them to the BASE_URL using requests.post.
  • [PROMPT_INJECTION]: The skill retrieves data from a remote API and presents it to the agent without any sanitization or boundary markers, creating a surface for indirect prompt injection attacks.
      • Ingestion points: API response data in get_projects, get_modules, and get_testcase_detail within whart_tools.py.
      • Boundary markers: None present; remote data is integrated directly into the agent's context.
      • Capability inventory: The skill can perform network operations (requests) and file system reads.
      • Sanitization: No escaping, validation, or sanitization of external API data is performed.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Apr 15, 2026, 02:27 PM