emdash-cli

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly shows embedding API tokens and auth headers directly in command-line flags and examples (e.g., --header "X-API-Key: secret123"), which would require the agent to include secret values verbatim in generated commands or outputs.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md clearly documents "Remote commands" that talk to a running EmDash instance via HTTP (e.g., npx emdash content get / types against https://my-site.pages.dev), meaning the CLI fetches live CMS content and schema (user-generated/untrusted third‑party content) which the agent reads, converts, and uses to drive create/update/publish actions—so external content can materially influence subsequent tool behavior.