analyzing-malicious-url-with-urlscan

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt's API example shows embedding an "API-Key: your-api-key" header and requires an URLScan API key for automation, which implies the agent would need to insert the user's secret API key verbatim into requests or generated commands, creating exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill submits and retrieves scans of arbitrary public URLs via the urlscan.io API (see SKILL.md "Step 1: Submit URL to URLScan" and the API calls in references/api-reference.md), and scripts/agent.py and scripts/process.py explicitly fetch /result/{uuid}/, /dom/{uuid}/ and screenshots and then parse DOM, network logs, and verdicts to make classifications and follow-up actions, exposing the agent to untrusted third‑party content that could contain instructions influencing behavior.