find-recruiting-firm

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly instructs the agent to read SERVICEGRAPH_TOKEN from env/.env and "set Authorization: Bearer " on authed requests (with curl examples), which requires the LLM to handle and potentially emit secret token values verbatim in commands/requests.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill explicitly drives the third-party ServiceGraph API (https://api.servicegraph.co) — e.g., GET /v1/search and GET /v1/get return firm profiles, URLs, social links and free-text metadata — and SKILL.md requires the agent to read and act on those responses to shortlist/enrich firms and decide follow-up calls, so untrusted third-party content can materially influence the agent's decisions and actions.