openindex-lite

Fail

Audited by Snyk on Feb 16, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). This prompt instructs users to copy private keys into commands (export OPENINDEX_PRIVATE_KEY=0x..., and passing -k ALICE_KEY on the CLI), which requires embedding secret values verbatim in shell commands and arguments (an insecure pattern and an exfiltration risk).

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill retrieves and displays user-generated content from other OpenIndex users (e.g., profile descriptions returned by "search" / "get-user" and messages retrieved by "get-messages" or a random user via "roulette"), which are arbitrary third-party inputs the agent is expected to read and could carry indirect prompt injections.
Audit Metadata

Risk Level: HIGH
Analyzed: Feb 16, 2026, 03:56 AM