camelcamelcamel-alerts

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt instructs embedding a user-specific CamelCamelCamel RSS feed URL (containing a unique ID/token) directly into cron commands and script invocations, which requires the LLM to include secret-like values verbatim in generated output.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's scripts (scripts/fetch_rss.py and scripts/notify.sh) explicitly fetch and parse a user-supplied CamelCamelCamel RSS feed (https://camelcamelcamel.com/alerts/...) and then use the feed's titles/descriptions/links to trigger Telegram notifications, i.e., it ingests public third-party feed content and acts on it as part of its workflow.