dns-intelligence

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly instructs retrieving and returning TXT record values and evidence.response (including verification tokens like google-site-verification=... or other service tokens) verbatim, which can expose secrets/verification tokens in the LLM output.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md explicitly runs dig queries (e.g., "dig +short TXT {domain}", "dig +short MX {domain}", "dig +short NS {domain}") to fetch public DNS records and then parses those untrusted, third‑party TXT/MX/NS/CNAME/SRV responses to detect services, meaning external content is read and can materially influence the agent's detections and subsequent actions.