spa-reverse-engineer

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt instructs building interception tools and includes code that decodes, logs, and stores request bodies, WebSocket payloads, and auth cookies (e.g., pplx.session-id), which will capture and output secret/token values verbatim.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill directly fetches and executes/interprets content from a public third-party site (e.g., curl and source-map extraction from https://www.perplexity.ai/, page.goto + CDP Runtime.evaluate of window.NEXT_DATA, content script injection, caches.keys and service worker interception), so it ingests untrusted web content that could carry indirect prompt-injection payloads.