get-qualified-leads-from-luma

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill asks the user for a Slack webhook URL and explicitly instructs the agent to use that URL in generated code/POST requests (and shows example code that would embed the webhook), which requires the LLM to handle secret values verbatim and thus creates an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly scrapes public Luma event pages/attendee lists via the luma-event-attendees (Apify) scraper and feeds attendee bios/titles/event content into the lead-qualification tasks that the agent reads and uses to decide qualification and downstream actions, so untrusted user-generated content can materially influence behavior.