document-parsers

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly shows and instructs embedding API keys in code and CLI (e.g., api_key="llx-..." and --api-key llx-...), which requires the agent to handle and output secret values verbatim.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill fetches and parses arbitrary public web pages (see scripts/parse-html.py which supports URLs and uses requests.get to load remote HTML, and the templates/examples that call the HTML parser "From URL"), so the agent will ingest and interpret untrusted, user-generated third-party content from the open web, enabling indirect prompt injection.