secondme

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The skill asks the user to paste an authorization code (smc-...) and then instructs the agent to include that code and the resulting accessToken verbatim in POST bodies and Authorization: Bearer headers and to persist them, which requires the LLM to handle and embed secrets directly.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches and displays user-generated content from the public SecondMe APIs (e.g., Plaza posts/comments via GET https://app.mindos.com/.../plaza/posts, user profiles via /profile, and discover users via /discover/users) and uses those fields in its runtime workflow (presenting content, drafting profile updates, and driving follow-on actions), so untrusted third-party content could influence agent decisions or actions.