saccoai-product-builder

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly tells the agent to "ask the user for credentials" to drive a headful agent-browser for authenticated extraction, which requires the LLM to receive and handle user secrets directly (risking verbatim inclusion or exfiltration).

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs the agent to fetch and analyze target public websites (Phase 1: "If the target is a public website, invoke saccoai-website-analysis..." and references/analysis-playbook.md instructs using agent-browser to navigate to app URLs, capture pages/screenshots and network calls), so untrusted third‑party content is ingested and directly used to infer APIs/schemas and drive implementation decisions, enabling indirect prompt injection.