literature-search

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly tells the agent to ask the user for their Valyu API key and then embed that key verbatim in commands (e.g., scripts/search setup <api-key>) and example code, which requires the LLM to handle and output the secret value directly.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill searches and ingests full-text articles and images from public third-party sources (PubMed, arXiv, bioRxiv, medRxiv) via the Valyu API and returns their content for processing, exposing the agent to untrusted, user-published web content that could contain adversarial instructions.