azure-aigateway

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt includes explicit commands that embed subscription/API keys into request headers and shows retrieving subscription keys (e.g., az apim subscription keys list and curl with -H "Ocp-Apim-Subscription-Key: "), which would require the LLM to handle or emit secret values verbatim if concrete keys are provided.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's pattern for importing an API (references/patterns.md) explicitly instructs fetching an OpenAPI spec from a public raw.githubusercontent.com URL (and links to public GitHub/docs), meaning the agent is instructed to ingest open/public third-party content that can alter gateway behavior.