http-fingerprinting

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The skill explicitly collects and outputs response headers (via curl -I and "capture all response headers") and includes header/value and cookie evidence fields, which can contain Set-Cookie/session tokens or other sensitive header values and therefore require handling secret values verbatim.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill's SKILL.md clearly instructs the agent to fetch and analyze HTTP responses from arbitrary URLs (see "collect_headers" curl {url} and "analyze_error_pages" analyzing 404 response bodies), i.e., untrusted public web content, and those parsed headers/bodies directly drive technology-detection outputs and subsequent decisions.