saccoai-client-portal

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill instructs the agent to read and handle secrets (PORTAL_PASSWORD, REDIS_URL, RESEND_API_KEY) and explicitly tells the agent to print the auto-generated portal password and/or ask the user for env values, which requires including secret values verbatim in its output.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly navigates to and screenshots arbitrary preview URLs listed in .saccoai/variations/comparison.md (using agent-browser) and ingests untrusted reviewer/client content (uploaded feedback.json and feedback fetched from Upstash Redis) as part of its workflow, and those inputs are used to decide and trigger follow-up actions (e.g., running Phase 6 merges), so third‑party content can materially influence agent behavior.