api-billing-service-onboarding

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt asks the agent to collect API keys and explicitly shows patterns that embed raw secrets in commands/files (e.g., scripts/add-secret-key.sh <service_name> <api_key> and editing /tmp/secrets.json with "<service_name>": "<api_key>"), which requires the LLM to handle/emit secret values verbatim.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly requires creating and running adapters that fetch and parse data from external third‑party APIs (adapters/*.ts and the examples referencing api.resend.com, openrouter.ai, scrape.do, serper.dev, etc.) and asks the agent to gather/read API documentation URLs—responses from those untrusted public endpoints are consumed as part of the workflow and directly drive metrics/alarms/dashboards, so they can materially influence actions.