dashboard

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt explicitly instructs the agent to inspect environment variables (e.g., bash env | grep ...), and includes examples that place API keys directly into request headers/config, which creates a strong likelihood the agent will access and verbatim include secret values in outputs (exfiltration risk).

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's Data Source Discovery and workflow explicitly instruct the agent to use web_search/web_fetch and fetch public APIs and pages (e.g., CoinGecko docs, Hacker News via hn.algolia, github.com/public-apis/public-apis and other external API endpoints shown in the "Data Source Discovery" and "Multi-source Dashboard" examples), so the agent will ingest untrusted, user-generated third-party content and use it to make API selection and runtime decisions.