exploiting-excessive-data-exposure-in-api

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The provided skill includes code that sends authenticated requests and scans/intercepts responses for sensitive patterns, then prints matched values (including API keys, JWTs, tokens, etc.), which requires the agent to read and output secret values verbatim.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and analyzes arbitrary API responses from provided endpoints (see SKILL.md workflow steps including REST and GraphQL queries) and scripts/agent.py (test_endpoint/--url calling requests.get/post on BASE_URL or user-supplied URLs), so untrusted third‑party JSON/html is ingested and directly influences the agent's analysis and follow-up decisions.