attio-deploy-integration

Fail

Audited by Snyk on May 19, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). The prompt includes concrete secret-like values (e.g., sk_prod_xyz, whsec_prod_abc) and shows commands that embed them verbatim (fly secrets set ..., echo -n "sk_prod_xyz" | gcloud ...), so an agent following the skill would output or transmit secrets directly.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill explicitly ingests and processes third-party Attio data (calls to https://api.attio.com/v2, the health check fetching /objects, and the api/webhooks/attio.ts handler plus scripts/register-webhook.ts) so webhook payloads or API responses from external Attio accounts could influence runtime processing and actions.

Issues (2)

W007 (HIGH): Insecure credential handling detected in skill instructions.

W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level: HIGH
Analyzed: May 19, 2026, 11:44 PM
Issues: 2