admapix

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly instructs the agent to insert user-provided API keys verbatim into a shell command (openclaw config set skills.entries.admapix.apiKey "{KEY}") and similar flows, forcing the LLM to handle and output secrets directly and thus posing an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and ingests open web ad creatives and app content (e.g., via POST /api/data/search and product-content-search which return imageUrl, videoUrl, originalUrl and generate_page H5 links) and the SKILL.md workflow requires the agent to read and analyze those untrusted, user-generated third‑party assets (and use them to drive analysis, routing, and follow-up actions), so third‑party content can materially influence agent behavior.