ngrok

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt includes examples that put API/authtoken values, bearer tokens, webhook secrets, and passwords directly into CLI commands and config files (e.g., --basic-auth, authtoken, bot URLs), which would require an LLM to handle or emit secret values verbatim.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's "Webhook Testing" and "Request Inspection and Replay" sections (e.g., using the inspector at http://127.0.0.1:4040 and curl http://127.0.0.1:4040/api/requests/http) explicitly show ingesting and viewing webhook/request bodies from public services (Stripe/GitHub/Telegram), which are untrusted third‑party inputs the agent would read and could influence subsequent actions.