deepeval

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt includes examples that require embedding API keys directly (e.g., --openai-api-key=..., .env with OPENAI_API_KEY="sk-...") and a CLI invocation pattern that would cause secrets to be placed verbatim into commands, which is an insecure credential-handling pattern.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill includes explicit functionality to pull and ingest public third-party datasets (e.g., EvaluationDataset.pull(alias="...", public=True) / "Pull public dataset" in references/dataset_management.md), which the agent will load and interpret as test cases/contexts—exposing it to untrusted, user-provided web content that could carry indirect prompt-injection payloads.