email-delivery

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt includes a concrete code example that hardcodes an API key literal (const resend = new Resend('your_resend_key_here')) and placeholder env var assignments, which encourages embedding secret values verbatim in generated code or outputs.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill fetches arbitrary external URLs for URL-based attachments (see sendWithUrlAttachment in templates/attachment-email-template.ts and examples/attachments/README.md which call fetch/requests.get on fileUrl), so it clearly ingests untrusted, third‑party content as part of its runtime email/attachment workflow.