moca-credential-verifier

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The skill explicitly instructs use of Bearer access tokens and shows CLI examples with --access-token and Authorization headers, which can require the agent to insert secret tokens verbatim into commands or requests, creating exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill directly fetches program listings from the public VP API (scripts/moca-list-programs.mjs calls GET {vpApiUrl}/vp/mocaproof/search) and posts to the public Moca Chain API (scripts/moca-verify-by-agent.mjs calls POST {mocaChainApiUrl}/credentials/verify-by-agent), and it parses those external responses (program listings, issueUrl, and verification status) as part of its required workflow to choose programId, display issuance links, and drive next actions—so untrusted third‑party content can materially influence behavior.