podcast

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt instructs asking the user for an OpenAI API key if not in env and shows a command that embeds the key via --api-key (direct CLI arg), which requires the LLM to handle and output the secret verbatim.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill's SKILL.md Step 1 explicitly fetches and analyzes user-provided URLs and tweets (via WebFetch / api.fxtwitter.com), articles, PDFs and GitHub repos as part of the required "Source Collection & Analysis" pipeline, so untrusted public content is ingested and used to drive script writing, TTS generation, and uploads — enabling indirect prompt injection.