pinch-to-post

Fail

Audited by Snyk on Mar 21, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 0.80). The prompt instructs users to place application passwords and API keys directly into the skill config and shows curl/command examples that embed credentials (even if only via environment variables), so the agent may receive these secrets and could be required to include them verbatim in generated commands or outputs.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill directly fetches and interprets user-generated content from WordPress REST API endpoints (e.g., /wp-json/wp/v2/comments and /wp-json/wp/v2/posts, as used in wp-rest.sh and SKILL.md) and uses that content to drive actions such as comment moderation, publishing, health checks, and link-following, which allows untrusted third-party content to influence agent behavior.

Issues (2)

W007 (HIGH): Insecure credential handling detected in skill instructions.

W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level: HIGH
Analyzed: Mar 21, 2026, 01:00 PM
Issues: 2