bmad-create-story

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The workflow requires reading entire config/persistent files and to include "API endpoints with ... authentication" and full project/context contents in the generated story, which can force the agent to copy secret values (API keys, tokens, passwords) verbatim from those files into its output.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The workflow's Step 4 ("Web research for latest technical specifics") plus the earlier directive to "Utilize research subagents, subprocesses" explicitly require fetching and ingesting public web documentation and research (external third-party sites) and then including that content in the generated story, so untrusted web content can influence decisions and next actions.