medrxiv-search

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt instructs the agent to ask the user for their Valyu API key and then run commands like scripts/search setup <api-key> (and shows examples embedding api_key directly in code), which requires the LLM to include secret values verbatim in generated commands/code and thus exposes them.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill fetches and returns full article text and images from public medRxiv preprints via the Valyu API (https://api.valyu.ai and medrxiv.org), which are third‑party/public user-authored content the agent will read and interpret.