find-scene

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill requires every POST request to include a user _token in the JSON body (shown inline in examples), which means the agent would need to accept and embed the API token verbatim in generated requests—an explicit secret-exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill clearly ingests untrusted public content — e.g., arbitrary YouTube URLs via POST /api/youtube_url_to_video_source and subtitle/text sources via POST /api/get_text_source or /api/get_high_accuracy_text_source (per SKILL.md) — and then reads/searches those texts with POST /api/search_phrase to derive timestamps and drive subsequent downloads/actions, so third-party content can directly influence agent behavior.