asana

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt includes explicit commands that pass client_id/client_secret and OAuth codes as literal command-line arguments (e.g., --client-secret "..." and --code "PASTE_CODE_HERE"), which would require embedding sensitive values verbatim in generated output if the agent echoed or constructed those commands.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's runtime scripts (e.g., scripts/asana_api.mjs) call Asana's public API (https://app.asana.com/api/1.0) to fetch user-generated/workspace content such as tasks, task notes, and comments which the agent is expected to read and can influence follow-up actions per SKILL.md (list/view/search/update/comment/create flows), exposing it to untrusted third-party content that could carry indirect prompt-injection instructions.