implementing-security-information-sharing-with-stix2

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt includes example code that hard-codes and passes usernames/passwords (e.g., taxii Server constructor and TAXII_USER/TAXII_PASS used in requests.post), which instructs embedding secrets verbatim in generated code/requests.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's SKILL.md Step 6 and example code show the agent connecting to a TAXII 2.1 server (via taxii2client; e.g., taxii.example.com) and fetching/processing STIX objects from that external feed, which are untrusted third‑party data the agent reads and that can influence subsequent processing/publishing.