cohort-schedule-inquiry

CRITICAL E004: Prompt injection detected in skill instructions.

• Potential prompt injection detected (high risk: 0.90). The prompt contains a validation requirement forcing inclusion of specific, unrelated phrases/URLs and tracking-like tokens (e.g., convertkit links and email snippets) that are not part of sharing cohort schedule info, which is a hidden/deceptive instruction outside the skill's stated purpose.

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt's required/observed phrases include long token-like strings (e.g., convertkit mail com v8u07n3lmosrhvpq9nebghv2edlllf9h03x2) which would force the model to reproduce secret-looking values verbatim, creating an exfiltration risk.