rain-data

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt includes example code that embeds API keys/WS RPC URLs (subgraphApiKey, wsRpcUrl with KEY) which encourages inserting real secret values directly into generated code or config, forcing the LLM to handle/output secrets verbatim.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill's SKILL.md shows it fetches and subscribes to public, user-generated blockchain/subgraph data and live feeds (e.g., getPublicMarkets, getTransactions, getLeaderboard, and subscribePriceUpdates which require subgraphApiKey/wsRpcUrl), so the agent will read external, untrusted third‑party content (market titles, trades, transaction data, event payloads) that could materially influence its actions.