collavre

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The setup example instructs supplying an OAuth token on the command line (collavre auth --token <oauth_token>), which requires embedding a secret verbatim in a generated command and matches the insecure pattern of passing secrets as CLI arguments.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The CLI explicitly connects to a user-configured remote MCP server and ingests Server-Sent Events in scripts/collavre (connect()), using the first SSE "data:" message to set the session URL and processing subsequent JSON/markdown including descriptions and recent_comments returned by creative_retrieval_service (references/tool-reference.md and printResult), so untrusted, user-generated third-party content can directly influence the client's network targets and parsed outputs.