find-design-agency

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly instructs the agent to obtain and then place a bearer token (SERVICEGRAPH_TOKEN / OTP-derived token) into Authorization headers and example curl commands, which requires the LLM to handle and potentially emit secret values verbatim, creating an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly fetches and ingests firm data from the public ServiceGraph API (https://api.servicegraph.co — e.g., GET /v1/search and GET /v1/get/<firm_id>), including external fields like firm URLs, social handles, and text metadata that the agent reads and uses to shortlist and decide next actions, thereby exposing it to untrusted third‑party content.