duckducksearch

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The prompt includes examples that embed credentials directly in proxy URLs and environment variables (e.g., "socks5://user:password@host:port"), which encourages including secret values verbatim in code/commands and therefore risks exposing secrets through the LLM output.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md shows the skill uses the duckduckgo-search DDGS APIs (e.g., Core Functionality "text"/"news"/"images" examples) and returns open-web fields like "href" and "body" (see Result Format), so it fetches and ingests untrusted public web content that could influence agent actions.