pachca-bots

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The prompt tells the agent to ask the user for the bot access token if unknown and to include an Authorization: Bearer token in API requests (with examples of curl headers), which requires the LLM to accept and potentially embed secret values in generated requests/commands.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly ingests user-generated, untrusted content from incoming webhooks and the webhooks events API (see "Обработать входящий вебхук‑событие", the "link_shared" unfurl flow, and GET /webhooks/events in SKILL.md and references) and requires the agent to parse and act on that content (e.g., unfurl links, handle button callbacks), so third‑party content can materially influence behavior.