yutori-scout

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill requires passing a user-provided webhook_url directly into the create_scout call (and instructs confirming the URL with the user), which forces the LLM to accept and include a potentially secret-bearing URL verbatim in its output/tool call.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md workflow explicitly instructs creating Yutori Scouts that monitor and ingest content from public third-party sources (news sites, SEC filings, social media, arbitrary web sources) via create_scout and get_scout_updates, so the agent will read and act on untrusted external content.