scrypted

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt includes examples that embed credentials verbatim (RTSP URLs with username:password, env var SCRYPTED_WEBHOOK_UPDATE_AUTHORIZATION=Bearer YOUR_TOKEN, ffprobe/curl examples), which encourages or would require an agent to place real secrets directly into commands/configs — an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs fetching and executing an installer from a public URL (curl https://raw.githubusercontent.com/koush/scrypted/main/install/docker/install-scrypted-docker-compose.sh) and documents configuring plugins/webhooks and ingesting RTSP/stream inputs from external sources, which are untrusted third‑party inputs the agent would fetch/interpret at runtime and could change behavior.