next-campaigns-setup

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). This skill explicitly asks for an API key and directs the agent to write that API key into config.js and campaigns.json, which requires the LLM to handle and embed the secret verbatim in generated output (high exfiltration risk).

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required scaffold step runs campaign-init which fetches the starter template and AI context (CLAUDE.md) from the public GitHub repo https://github.com/NextCommerceCo/campaign-cart-starter-templates, so the agent will ingest external public content that could contain instructions affecting its behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill explicitly downloads starter templates at runtime (and installs an AI context file) from https://github.com/NextCommerceCo/campaign-cart-starter-templates and invokes campaign-init via npx, so remote content is fetched/executed at runtime and may install prompt-controlling AI context or run code.