page-monitoring

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt contains multiple examples that embed API keys, webhook URLs, and email credentials directly into code/initialization (e.g., UptimeRobotClient('your-api-key'), slack_webhook and discord_webhook strings, and email_config username/password), which encourages including secret values verbatim in outputs and is therefore insecure.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). Yes — the skill explicitly fetches and parses arbitrary public web content (e.g., PageMonitor._get_page_hash uses requests + BeautifulSoup to load and extract content from URLs, RSSGenerator.add_from_page scrapes arbitrary pages, and the TwitterArchiver uses twarc to archive social media), and that untrusted content is read and used to decide changes, trigger alerts, and drive archiving/notifications, so third‑party content can materially influence agent actions.