icebreaker

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt's curl examples explicitly require embedding a user's Bearer token in the Authorization header (Authorization: Bearer {{YOUR_TOKEN}}), which would force an LLM to accept and output secret tokens verbatim into commands/requests, creating an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly ingests user-generated content via /api/discover (returns candidate profiles with compatibility_narrative and social_proof) and /api/chat (inbound messages), and the doc instructs the agent to read and use those fields to craft icebreakers and make matching/swipe/chat decisions, exposing it to untrusted third-party content that could carry indirect prompt injections.