find-pr-agency

Fail

Audited by Snyk on May 8, 2026

Risk Level: CRITICAL
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 0.90). This skill explicitly instructs the agent to obtain bearer tokens (from env/.env or by asking the user for an OTP/code) and to set Authorization: Bearer on requests (with curl examples showing inlined tokens), which can force the LLM to handle and potentially emit secret values verbatim.

CRITICAL E006: Malicious code pattern detected in skill scripts.

  • Malicious code pattern detected (high risk: 1.00). The skill explicitly instructs agents to search for and silently use bearer tokens from shell environment and project dotenv files (".env.local", ".env") — including the directive "If you find it, use it; don't ask" — which is a clear credential-theft/exfiltration pattern and enables covert access; no other backdoor or remote-exec patterns were found.

Issues (2)

  • W007 (HIGH): Insecure credential handling detected in skill instructions.
  • E006 (CRITICAL): Malicious code pattern detected in skill scripts.

Audit Metadata

  • Risk Level: CRITICAL
  • Analyzed: May 8, 2026, 08:52 AM
  • Issues: 2