url-tools

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill includes examples that embed credentials directly in commands and URLs (e.g., curl -H "Authorization: Bearer TOKEN" and https://user:pass@...), which encourages including secrets verbatim in generated output.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill clearly fetches and processes content from open/public third-party sources (e.g., expand.sh and validate.sh use curl -L / curl -I on arbitrary URLs and shorten.sh calls is.gd, v.gd, tinyurl, cleanuri), and the agent is expected to read those responses (final destination URLs, shortened URLs, HTTP status) which directly influence decisions and follow-up actions, creating a plausible indirect prompt-injection vector.