implementing-api-key-security-controls

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Step 3 "Automated Key Leakage Detection" and the process_leaked_keys(leaks_file) workflow explicitly ingest results from public secret-scanning tools and GitHub (e.g., gitleaks/truffleHog outputs and GitHub secret-scanning alerts) and then automatically validate and revoke keys, meaning untrusted, user-generated content from public repos is read and directly influences revocation actions.