contentful

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt includes code examples that embed access tokens and management tokens as string literals (e.g., accessToken: 'your_access_token'), which instructs placing secrets directly in generated code/outputs and thus risks secret exfiltration.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill fetches and renders content from external Contentful spaces (e.g., client.getEntries, client.getAssets, documentToReactComponents rendering of rich text, and webhook handling of body.fields.slug in SKILL.md), which are third-party/user-managed content sources the agent reads and that can trigger actions (like revalidation), so untrusted content could indirectly inject instructions.