admapix

Fail

Audited by Snyk on May 15, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 0.90). The prompt instructs the agent to accept a pasted API key and run a command that substitutes the raw key (openclaw config set ... "{KEY}"), and to include the user's api_key in requests. Both require embedding secret values verbatim into generated commands and requests (high exfiltration risk), despite some uses of env vars elsewhere.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill's runtime workflow (SKILL.md) explicitly fetches and ingests public third-party content: creative assets and H5 pages from https://api.admapix.com (search, product-content-search, content-detail returning imageUrl/videoUrl/page_url) and structured HTML reports from https://deepresearch.admapix.com/files/{task_id}/report.html. It instructs the agent to read and act on those summaries and pages as part of its analysis, so untrusted or user-generated content can materially influence tool use or next actions.

Issues (2)

  • HIGH W007: Insecure credential handling detected in skill instructions.
  • MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level: HIGH
Analyzed: May 15, 2026, 10:45 AM
Issues: 2