revision-external-api

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The prompt requires using a Bearer API key for all requests and instructs the user must provide an API key (and shows Authorization headers like Authorization: Bearer <api-key> / Bearer $API_KEY), which can encourage the agent to request and embed secret tokens verbatim in generated curl commands or code (exfiltration risk), even though placeholders/env-var usage is shown.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's SKILL.md workflow requires the agent to query a user-supplied, organization-specific Revision URL (e.g., GET /api/external/components and GET /api/external/diagrams in "Workflow: Create a Diagram with Components") and to read those workspace components/diagrams (user-generated/freeform fields) to decide whether to reuse or create resources, so untrusted third-party content can directly influence agent actions.