shodan-reconnaissance

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt includes examples that embed API keys directly in commands, curl URLs, and literal code (e.g., shodan init YOUR_API_KEY, curl ...?key=YOUR_KEY, API_KEY = 'YOUR_API_KEY'), which requires the agent to insert secret values verbatim into outputs — an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly instructs the agent to query and download data from Shodan (via shodan search, shodan download, shodan host and direct API calls) including untrusted third-party content such as service banners, http.html/http.title fields and screenshots, which the agent is expected to read/parse as part of its workflow and could materially influence follow-up actions.