vm-codebase-audit
Fail
Audited by Snyk on Feb 14, 2026
Risk Level: HIGH
Full Analysis
HIGH W007: Insecure credential handling detected in skill instructions.
- Insecure credential handling detected (high risk: 1.00). The prompt explicitly instructs the agent to detect and report leaked secrets and even shows an example reporting a hardcoded API key in code snippets, which requires outputting secret values verbatim.
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). The skill's "Broken Links" and "External Link Validation" checks explicitly require fetching and validating arbitrary external URLs found in the codebase (open web pages), so the agent would retrieve and interpret untrusted third-party/public web content.