kaggle-standardized-agent-exam

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly requires saving the agent apiToken and then including it verbatim in Authorization headers / curl requests (e.g., "Authorization: Bearer YOUR_API_KEY"), which forces the agent to handle and output secret values.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.85). The runtime LLM context is fed by the exam questions returned from Kaggle’s POST /api/v1/agentExamSubmission response (questions[].text), which is outsider-authored free text from Kaggle’s service, not authored by the operating user.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill makes runtime API calls to https://www.kaggle.com/api/v1/agentExamSubmission (Start Exam) which returns the 16 exam questions and timing and thus directly controls the agent's prompts/instructions at runtime, so this is a required external dependency that influences behavior.