contract-comparison

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt requires reading files/URLs and "quote exact text" into the generated CONTRACT-COMPARISON.md, so any embedded secrets (API keys, tokens, passwords, cookies) in the contracts would be reproduced verbatim and thus exfiltrated.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md (Trigger and Step 1) explicitly tells the agent to read files via WebFetch/URLs or pasted text ("Read both files using the Read tool (for file paths), WebFetch (for URLs), or use pasted text directly"), which means it ingests arbitrary public or user-provided web content that the agent must interpret and that can materially influence its analysis and recommendations, enabling indirect prompt injection.