developer-growth-analysis

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill instructs the agent to read local chat history including pastedContents and to include "specific evidence from chat history" in the generated report and Slack messages, which could require reproducing API keys, tokens, or passwords verbatim — creating an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly instructs using Rube MCP (RUBE_SEARCH_TOOLS) to search and curate articles from HackerNews (a public, user-generated site), and to read/interpret those posts to select and describe learning resources that are then incorporated into the report and sent via Slack, so untrusted third-party content is ingested and can influence actions.