ui-layout-analyzer

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The prompt instructs the model to "recognize and include all text visible in the image," which would force the model to output any secrets (API keys, tokens, passwords) present in screenshots verbatim, creating an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly requires the agent to "Analyze the provided UI screenshot" and to "Recognize and include all text visible in the image," meaning the skill ingests user-supplied/untrusted UI images (user-generated third-party content) that the agent must read and which can materially influence its analysis and actions.