geomaster

Fail

Audited by Snyk on May 29, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). The prompt includes code that constructs an AWSSession with aws_access_key_id and aws_secret_access_key provided inline (placeholders), which instructs the agent to embed or expose secret credentials directly in generated code or commands.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.75). High: the runtime workflow fetches public web content (e.g., STAC catalog items from https://planetarycomputer.microsoft.com/api/stac/v1 or other STAC endpoints) and then ingests its metadata (free-form JSON/text from outsiders) into the agent’s LLM context via pystac_client/odc.stac.load.

Issues (2)

  • W007 (HIGH): Insecure credential handling detected in skill instructions.
  • W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level: HIGH
Analyzed: May 29, 2026, 12:57 AM
Issues: 2