github-monitor

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly instructs fetching a modhash (a session/auth token) and including it as the 'uh' field in a POST to /api/submit (i.e., copying a secret token verbatim into a request), which requires the LLM to handle/output a secret value directly.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches and ingests public, user-generated GitHub content (e.g., README via gh api /repos/{repo}/readme and recent commits via gh api /repos/{repo}/commits) and uses that content to generate social-media drafts and posting decisions as part of its core workflow (SKILL.md), so untrusted third-party content can influence agent outputs and actions.