agent-phone-network

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). Because the skill describes flows that require embedding bearer tokens and HMAC-signed values in requests (Authorization: Bearer <access_token> and request_signature), which would force the agent to access and potentially emit secret values verbatim if the LLM itself performs signing or constructs requests with actual credentials.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill performs runtime requests to an external A2A service (default https://openclawagents-a2a-6gaqf.ondigitalocean.app) — e.g., GET /v1/phonebook/resolve?q= — and the untrusted phonebook/agent responses are read and used to resolve targets and drive call placement/flows, so third‑party content can materially influence agent actions.