evaluate-findings

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt explicitly requires including the "full function or logical block" from referenced code in the agent's output and presents findings verbatim with no guidance to redact secrets, so any hard-coded API keys/passwords in that code would need to be reproduced in the output.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md explicitly instructs spawning a Devil's Advocate subagent that uses external research tools (e.g., "WebSearch/WebFetch as fallback") so the agent will fetch and interpret public web content (untrusted third-party sources) that can alter its verdicts and actions.