ln-002-session-analyzer

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly instructs reading and echoing full session JSON files (e.g., echo "ACTIVE: $(cat "$f")") and including session examples in reports, which can cause the model to read and output secret values verbatim.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs fetching missing reference files via WebFetch from the public URL https://raw.githubusercontent.com/levnikolaevich/claude-code-skills/master/skills/{path} and mandates loading shared/references/meta_analysis_protocol.md, so the agent will ingest and act on publicly hosted third-party GitHub content that can influence its analysis and tool-use decisions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill specifies fetching runtime files via https://raw.githubusercontent.com/levnikolaevich/claude-code-skills/master/skills/{path} (and mandates loading shared/references/meta_analysis_protocol.md), so external raw GitHub content can be retrieved at runtime and directly control the agent's instructions/protocol.