biorxiv-search

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt instructs the agent to ask the user for their Valyu API key and then run a shell command embedding that key verbatim (e.g., scripts/search setup <api-key> / example shows val_abc123...), requiring the LLM to handle and output the secret directly.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill queries public bioRxiv preprints via the Valyu API and returns full article text and images (see "Full-Text Access" and the results[].content / results[].url fields), so the agent ingests untrusted third-party content from bioRxiv.