aeon-vuln-scanner

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The skill scans for "verified leaked secrets", instructs triage to read file contents, and routes leaks to PVR with a "rotation request" and advisory POSTs (without specifying redaction), so the agent will likely need to handle and may be expected to include secret values verbatim in reports/requests.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly auto-picks targets from "chained github-trending output or fresh trending API" and its triage instructions require the agent to "Open the file at the reported line. Read 30-50 lines of context" — meaning it fetches and interprets untrusted public GitHub repo content as part of decision-making.