pubmed-search

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly instructs the agent to ask the user for their Valyu API key and then run a shell command embedding that key verbatim (e.g., scripts/search setup <api-key>), which requires the LLM to handle and output the secret directly.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill fetches and returns full-text articles and image links from the public PubMed corpus via the Valyu search API (e.g., results[].content, results[].url from https://api.valyu.ai/v1 and https://pubmed.ncbi.nlm.nih.gov/), so the agent will read and interpret untrusted third‑party web content as part of its workflow.