docyrus-cli-app

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly shows and permits passing access tokens and Authorization headers directly on the command line (e.g., --accessToken, --headers '{"Authorization":"Bearer "}'), which encourages embedding secrets verbatim in generated commands and creates an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly auto-downloads tenant OpenAPI specs via "docyrus discover api" and supports sending/receiving data to arbitrary external provider endpoints (e.g., "docyrus connect curl" and "docyrus connect run-action"), so the agent ingests untrusted third-party/user-provided API specs and provider responses as part of its workflow which can materially influence subsequent tool actions.