spoonos-platform-integration

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt includes insecure patterns: a slash command that accepts a "token" and sends it verbatim into agent.run ("Analyze token: {token}") and an example curl webhook URL embedding a bot token, both of which require the LLM to receive and potentially output secret values directly.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill directly ingests and passes untrusted, user-generated content to the agent via Telegram and Discord message handlers (handle_message/on_message and commands), the public REST API /v1/query endpoint, and the webhook processor for external sources like GitHub (process_webhook), so third‑party payloads are read and used to drive agent.run and thus could contain indirect prompt-injection instructions that materially affect behavior.