open-targets-search

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly instructs the agent to ask the user for their Valyu API key and then run a setup command embedding that key as a command-line argument (scripts/search setup ), which requires the LLM to handle and output the secret verbatim.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly calls Valyu's /search API and returns results that include URLs and full content from the public Open Targets site (see SKILL.md sections "API Endpoint", the scripts/search usage, and the example output with results[].url and results[].content), so the agent ingests untrusted third‑party web content that can influence its decisions.