perplexity-search

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt includes examples that embed an OpenRouter API key directly in commands (e.g., export OPENROUTER_API_KEY='sk-or-v1-your-key-here' and python scripts/setup_env.py --api-key sk-or-v1-your-key-here), which encourages passing secrets as literal CLI arguments or in outputs and therefore requires or tempts the LLM to handle/output secret values verbatim.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly performs real-time, web-grounded searches via Perplexity through OpenRouter (see SKILL.md "Perform AI-powered web searches" and scripts/perplexity_search.py) and documents agentic models like "sonar-pro-search" that explore and synthesize public web sources, so the agent ingests untrusted third-party web content that can materially influence its outputs and actions.