cli-web-scrape

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt includes examples and flags that pass Authorization headers, cookies, and proxy URLs (including user:pass) directly on the command line, which encourages embedding secret tokens/credentials verbatim in generated commands or outputs, creating an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md Auto-Escalation Protocol and Consumer Skill Integration explicitly instruct the agent to fetch arbitrary public URLs (e.g., "scrapling extract get 'URL'") and read/validate the resulting /tmp/scrapling-out.md, so untrusted web content can be ingested and directly influence subsequent tool actions (escalation and fetch decisions), enabling indirect prompt injection.