python

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill instructs the agent to ask the user for the VIDEO_DB_API_KEY if it's not set and implies passing a key to videodb.connect(), which requires the LLM to accept and potentially include the secret verbatim in code/commands.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly ingests arbitrary public URLs and user media (e.g., coll.upload(url="https://example.com/video.mp4") in SKILL.md and reference files), receives and processes live AI/WebSocket messages and webhooks from third-party streams (reference/capture.md and scripts/backend.py), and uses the extracted transcripts/visual descriptions as input to LLM workflows (e.g., coll.generate_text), so untrusted third‑party content can directly influence tool actions and LLM prompts.