saccoai-design-system

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt explicitly tells the agent to ask the user for login credentials or a session cookie for authenticated sites, meaning the LLM may receive and need to handle secret values (cookies/passwords) in its context, creating an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's required workflow explicitly navigates to a user-provided target URL with agent-browser (Step 1) and executes DOM/CSS scraping (Steps 2–9) to ingest colors, typography, logos, and other live-site content from arbitrary public websites, which the agent then interprets to generate design tokens that drive downstream build actions—thus exposing it to untrusted third-party content that could contain injected instructions.