codebase-audit

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt explicitly instructs the agent to run and parse secret-scanning tools (e.g., trufflehog), "show specific examples" and "Secrets found" with file:line and types, which implies including raw secret values or code snippets verbatim from tool output or files, creating an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly instructs the agent to "Use WebSearch to look up current best practices" and to accept a user-provided URL to "use Chrome MCP to run a Lighthouse-style audit" (i.e., fetch and analyze arbitrary public web pages), which means it will ingest untrusted third‑party content as part of its workflow.