spot-companies-using-specific-tech-stack

Fail

Audited by Snyk on Apr 17, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). Because the workflow instructs the agent to collect a user’s 6‑digit verification code and then embed that code verbatim into a shell command (bash "$SIGNUP" verify "<user_email>" ""), the LLM would need to handle and output a secret value, creating an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.70). The skill directly queries the third-party OpenFunnel API (see api.sh calling https://api.openfunnel.dev and workflow steps like POST /api/v1/signal/get-signal-list and the post-deploy note that "This is now scanning job posts") and ingests user-generated job-post content which the agent reads and uses to decide deployments and next actions, creating a clear avenue for indirect prompt injection.

Issues (2)

  • W007 (HIGH): Insecure credential handling detected in skill instructions.

  • W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level: HIGH
Analyzed: Apr 17, 2026, 06:12 PM
Issues: 2