brightdata-cli

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The prompt includes an explicit insecure pattern—passing an API key directly on the command line (bdata login --api-key <key>), which would require the model to handle or emit the secret verbatim if it populated that placeholder; although env-var and OAuth alternatives are described, the direct CLI example is a high-risk pattern.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.85). The required runtime workflow for this skill involves the user running bdata scrape <url> / bdata pipelines <type> ..., which fetches and ingests outsider-authored free text from arbitrary user-supplied URLs (public web pages) into the CLI output/LLM context (indirect prompt injection risk via scraped page content).

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The docs include an explicit install command that fetches and executes remote code (curl -fsSL https://cli.brightdata.com/install.sh | bash), which would run external code as part of installing the required CLI dependency.