computer-control

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt includes examples that embed an API key literally (export ANTHROPIC_API_KEY="sk-ant-..." and api_key="sk-ant-...") which requires the agent to handle and potentially output secret values verbatim, an insecure pattern.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md shows the agent capturing screenshots and controlling a browser/desktop (e.g., Quick Start example "Open Firefox and search for Claude AI" and the "Testing web applications through visual interaction" guidance), meaning it will ingest arbitrary public web/third‑party content visible on the screen that can influence subsequent mouse/keyboard actions.