pp-movie-goat

Fail

Audited by Snyk on May 15, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 0.90). The prompt explicitly shows passing API keys verbatim on the command line (e.g., claude mcp add -e TMDB_API_KEY=<your-tmdb-key> -e OMDB_API_KEY=<your-omdb-key>), which would require an agent/LLM to insert raw secret values into the commands it generates. A secret that is part of generated command text is also exposed in the agent transcript, in shell history and in process listings, so this creates a high exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches live data from public third-party APIs (TMDb and OMDb are named in "description" and "Auth Setup"), and the agent is instructed to run commands with --agent to consume the JSON results (see "Agent Mode" and many command examples). Free-text fields in those responses reach the model as part of its context, so untrusted external content could influence the skill's decisions such as "tonight" or "versus" unless the agent treats that output strictly as data rather than as instructions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.80). The skill requires installing and running a remote CLI installer which fetches and executes code at setup (e.g., go install github.com/mvanhorn/printing-press-library/library/media-and-entertainment/movie-goat/cmd/movie-goat-pp-cli@latest and npx -y @mvanhorn/printing-press install movie-goat). Both commands are unpinned: the @latest suffix resolves to whatever version the module proxy serves at run time, and npx -y auto-confirms installation of the current release without a prompt, so those external sources are runtime dependencies that execute remote code that cannot be verified ahead of time.
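The two command-line patterns behind W007 and W012 can be caught with a simple lint over the skill's instruction text before the skill is installed. The script below is an added example, not part of the Snyk report or of the movie-goat skill: it flags a -e NAME=value assignment whose value is a literal rather than a shell variable reference, and an install command that is unpinned (a Go module path ending in @latest, or npx -y with a package that carries no @version). The sample text is constructed from the commands the report quotes; the "safer" rewrite and the version v1.2.3 / 1.2.3 in it are placeholders, not real releases of that project.

```shell
#!/usr/bin/env bash
# Added example: lint skill instruction text for inline secrets (cf. W007)
# and unpinned remote code execution at install time (cf. W012).

# Exit 0 if the line carries "-e NAME=value" where NAME looks like a secret
# (KEY/TOKEN/SECRET/PASS) and value is not a $VAR reference, i.e. the raw
# secret (or a placeholder the agent is told to fill in) sits in the command.
has_inline_secret() {
  printf '%s\n' "$1" \
    | grep -Eo -- '-e[[:space:]]+[A-Za-z0-9_]*(KEY|TOKEN|SECRET|PASS)[A-Za-z0-9_]*=[^[:space:]]+' \
    | grep -Evq -- '=["'\'']?[$]'
}

# Exit 0 if the line installs or runs remote code without a pinned version:
# "go install ...@latest" resolves at run time, "npx -y <pkg>" with no
# @version auto-installs whatever the registry currently serves.
has_unpinned_remote_exec() {
  if printf '%s\n' "$1" | grep -Eq -- 'go[[:space:]]+install[[:space:]]+[^[:space:]]+@latest'; then
    return 0
  fi
  printf '%s\n' "$1" \
    | grep -Eo -- 'npx[[:space:]]+-y[[:space:]]+[^[:space:]]+' \
    | sed -E 's/^npx[[:space:]]+-y[[:space:]]+//' \
    | grep -Evq -- '^@?[^@]+@[^@]+$'
}

# Print one finding per offending line of the given text.
lint_skill_text() {
  printf '%s\n' "$1" | while IFS= read -r line; do
    if has_inline_secret "$line"; then
      printf 'inline secret on command line (cf. W007): %s\n' "$line"
    fi
    if has_unpinned_remote_exec "$line"; then
      printf 'unpinned remote code at install (cf. W012): %s\n' "$line"
    fi
  done
}

# Number of findings for the given text (0 when clean).
count_findings() {
  lint_skill_text "$1" | grep -c '' || true
}

# Constructed sample modelled on the commands the report quotes.
SAMPLE_UNSAFE='claude mcp add -e TMDB_API_KEY=<your-tmdb-key> -e OMDB_API_KEY=<your-omdb-key>
go install github.com/mvanhorn/printing-press-library/library/media-and-entertainment/movie-goat/cmd/movie-goat-pp-cli@latest
npx -y @mvanhorn/printing-press install movie-goat'

# Same steps with the secret referenced from the environment instead of spelled
# out, and the remote code pinned. v1.2.3 / 1.2.3 are placeholder versions.
SAMPLE_SAFER='claude mcp add -e TMDB_API_KEY="$TMDB_API_KEY" -e OMDB_API_KEY="$OMDB_API_KEY"
go install github.com/mvanhorn/printing-press-library/library/media-and-entertainment/movie-goat/cmd/movie-goat-pp-cli@v1.2.3
npx -y @mvanhorn/printing-press@1.2.3 install movie-goat'

echo "== unsafe sample =="
lint_skill_text "$SAMPLE_UNSAFE"
echo "findings: $(count_findings "$SAMPLE_UNSAFE") (unsafe) vs $(count_findings "$SAMPLE_SAFER") (rewritten)"
```

Referencing the key as "$TMDB_API_KEY" keeps the value out of the instruction text and out of anything the model has to generate; the operator sets it in the environment of the process that runs the command. Pinning the Go module and the npm package narrows the install to a known version, which is what makes the dependency reviewable, though it still executes code fetched from those sources.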

Issues (3)

W007
HIGH

Insecure credential handling detected in skill instructions.

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

W012
MEDIUM

Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata
Risk Level
HIGH
Analyzed
May 15, 2026, 05:38 PM
Issues
3