blast-conector
Fail
Audited by Snyk on Feb 16, 2026
Risk Level: HIGH
Full Analysis
HIGH W007: Insecure credential handling detected in skill instructions.
- Insecure credential handling detected (high risk: 1.00). The skill explicitly instructs the agent to save and populate .env.local with keys (including examples such as OPENAI_API_KEY="sk-..." and STRIPE_SECRET_KEY="sk_live_...") and performs handshakes that involve persisting credentials, so the agent would have to handle and emit secret values verbatim (high risk of exfiltration).
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.70). The skill's Phase 3 "Handshake Automático" ("Automatic Handshake") and the listed MCP integrations (e.g., @notion-mcp, @supabase-mcp, @github-mcp, Stripe, etc.) indicate that it will connect to and test external third-party services and APIs (and open their login pages), ingesting and interpreting responses and user content from those public services as part of its workflow.
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). The skill explicitly targets payment gateway integration: the MCP list includes "@stripe-mcp → Procesamiento de pagos" ("Payment processing"), and the .env template contains STRIPE_SECRET_KEY and STRIPE_PUBLISHABLE_KEY. The skill's purpose is to verify credentials, perform handshakes, and configure external services (including Stripe), which are specific, explicit payment-related integrations rather than generic API tooling. It therefore meets the criterion for direct financial execution capability.
Audit Metadata