appwrite-typescript

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). This prompt includes insecure examples that hardcode plaintext passwords (e.g., 'password123') and show handling session secrets in ways that encourage copying/embedding sensitive values (extracting secrets from URLs and setting cookies), which can lead an agent to output secret values verbatim.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The SKILL.md includes code that reads and reacts to user-generated/public Appwrite content—e.g., realtime.subscribe callbacks, database reads (tablesDB.listRows/getRow) and storage file methods (storage.getFilePreview/getFileDownload) — and even shows Permission.read(Role.any()), so the agent could ingest untrusted third-party (public/user) content that can influence actions.