skills/openclaw/skills/airbnb-search/Gen Agent Trust Hub

airbnb-search

Warn

Audited by Gen Agent Trust Hub on Feb 19, 2026

Risk Level: MEDIUM
Tags: CREDENTIALS_UNSAFE, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • Data Exposure & Exfiltration (MEDIUM): A hardcoded API key was detected in 'airbnb_search/search.py' (API_KEY = 'd306zoyjsyarp7ifhu67rjxn52tv0t20'). Although this is documented as a public frontend key, it matches the detection pattern for hardcoded credentials. The severity is reduced from HIGH to MEDIUM because the key is essential for the skill's primary functionality of providing unauthenticated access to Airbnb search.
  • Data Exposure & Exfiltration (LOW): The skill performs network requests to 'www.airbnb.com', which is not included in the trusted domain whitelist. This is a standard operation for the skill's purpose but is noted as a non-whitelisted external connection.
  • Indirect Prompt Injection (LOW): The skill exhibits an indirect prompt injection surface (Category 8).
      1. Ingestion points: The 'search_airbnb' function in 'airbnb_search/search.py' fetches data from an external GraphQL API.
      2. Boundary markers: Absent; listing data is printed directly to the console in 'airbnb_search/cli.py' without delimiters.
      3. Capability inventory: The skill has network access and can write to the file system if directed by the agent.
      4. Sanitization: None; listing names and descriptions are not escaped or filtered, which could allow instructions embedded in listing content to influence the agent.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 19, 2026, 01:36 PM