generate-swagger-docs

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly instructs passing the OpenAI API key as a command-line argument and embedding it in environment variables/config files (and shows examples like "sk-proj-your-api-key-here"), which requires the agent to accept and reproduce secret values verbatim in commands and saved config—an exfiltration risk.

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.90). The OpenAI URL is legitimate, but the raw.githubusercontent.com link is a direct shell script from an unrecognized third‑party repo (qodex-ai/apimesh) — a pattern flagged as high risk because it tells you to download/execute an unknown .sh with your API key, which could exfiltrate secrets or run malicious commands.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill downloads and executes the apimesh run.sh script from a public GitHub URL (https://raw.githubusercontent.com/qodex-ai/apimesh/refs/heads/main/run.sh), thereby ingesting and running untrusted third-party user-authored content as part of its workflow—which could enable indirect prompt injection.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill's runtime script downloads and executes remote code from https://raw.githubusercontent.com/qodex-ai/apimesh/refs/heads/main/run.sh (via curl and then bash), meaning external content directly executes code and is required for the tool to run.