Bun Macros

Fail

Audited by Snyk on Feb 15, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). The skill explicitly describes macros that read process.env keys and inline their values into bundled output (e.g., env("API_URL") -> const apiUrl = "https://..."; and requireEnv("API_SECRET")), which requires emitting secret/environment values verbatim into generated code, creating an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill includes an async macro (macros/fetch.ts -> fetchSchema) that performs a fetch("https://api.example.com/schema.json") at build time and inlines the returned JSON, which clearly ingests external, potentially untrusted third-party content for the agent to read/interpret.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.90). The async macro fetchSchema fetches remote JSON at build time from https://api.example.com/schema.json and inlines it for code generation, so this URL is fetched during the skill's runtime (bundling) and can directly control generated code.

Audit Metadata

Risk Level: HIGH
Analyzed: Feb 15, 2026, 10:13 PM