web-scraper

Fail

Audited by Snyk on Mar 13, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 0.80). The prompt contains code that directly embeds credentials (e.g., Bright Data proxy URL built from bright_data_config including password, and passing supabase_key into create_client), which encourages reading and placing secret values verbatim into requests or generated code/commands.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill's required workflow (Step 2 "Fetch the page" in SKILL.md) explicitly fetches and parses arbitrary public web pages (e.g., fetch_page(url), fetch_js_page with Playwright, and examples scraping https://en.wikipedia.org and example-store.com), so the agent ingests untrusted third‑party content that it reads and uses to drive extraction, pagination, and downstream actions.

Issues (2)

  • W007 (HIGH): Insecure credential handling detected in skill instructions.
  • W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level: HIGH
Analyzed: Mar 13, 2026, 09:19 PM
Issues: 2