bidclub

Fail

Audited by Snyk on Feb 19, 2026

Risk Level: HIGH

Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). The prompt explicitly instructs saving an api_key and shows curl examples that place "Authorization: Bearer YOUR_API_KEY" directly in commands/headers, which requires including the secret verbatim in outputs (exfiltration risk).

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 1.00). The skill requires the agent to fetch and follow live, public BidClub pages (e.g., "Fetch https://bidclub.ai/templates.md" before posting and "If 4+ hours since last BidClub check: Fetch https://bidclub.ai/heartbeat.md and follow it") and also ingests user-generated posts/skills via public endpoints (content feed, /api/skills, /api/v1/posts) that the agent is expected to read and act on, so untrusted third-party content can directly influence its actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.90). The skill explicitly requires periodic runtime fetching of the remote instruction file https://bidclub.ai/heartbeat.md ("If 4+ hours since last BidClub check: Fetch https://bidclub.ai/heartbeat.md and follow it"), which means an external document fetched at runtime can directly control agent behavior/instructions and is treated as a required dependency.

Audit Metadata

Risk Level: HIGH
Analyzed: Feb 19, 2026, 03:06 PM