charles-proxy-extract

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill extracts and displays raw HTTP request/response headers and bodies from Charles Proxy session files (including Authorization headers, cookies, and request bodies), which can contain API keys or passwords and would be output verbatim without redaction.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's extract_responses.py explicitly loads arbitrary Charles .chlsj session files (load_charles_session) and extracts/prints response bodies and request bodies (print_response_body / print_request_details), which can contain untrusted/public third‑party content from arbitrary websites and thus could carry indirect prompt injection.