voice-ai-development

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The skill includes code examples and explicit placeholders that set API keys as string literals and use them directly in headers/clients (e.g., OPENAI_API_KEY = "sk-..."), which encourages embedding secrets verbatim into generated code/requests and thus creates a high exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md includes webhook and streaming examples that ingest untrusted user-generated content—e.g., the Vapi webhook handling event["transcript"] and function-call events and the Deepgram on_transcript handler that calls handle_user_input—so third-party transcripts can be read and drive actions/tools.