mthds-inputs

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The skill instructs the agent to read user-provided files (notably .txt/.md) and embed their raw contents into generated inputs.json (and report those contents/paths), which would force the LLM to output any secrets contained in those files verbatim.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's Document Generation and Fallback Strategy explicitly instruct downloading/using public test file URLs (e.g., "Last resort — use a public test PDF URL" and "use public test file URLs as fallback"), which means it can fetch open/public third‑party content that the agent would ingest as inputs and could therefore influence downstream behavior.