x-security

Fail

Audited by Snyk on Mar 11, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 0.80). The prompt includes an explicit example that places an API key directly in a command-line argument (x shodan --cfg key=), which instructs embedding secret values verbatim into generated commands and therefore creates an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly directs the agent to fetch and act on public Internet-host data via Shodan (e.g., x shodan host, x shodan scan, x shodan download). These commands return untrusted third-party host records and service banners that the agent is expected to read and use to drive reconnaissance and follow-up actions, creating a clear avenue for indirect prompt injection.
Audit Metadata

Risk Level: HIGH
Analyzed: Mar 11, 2026, 05:26 AM