getting-started

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The prompt instructs collecting and embedding API keys/verification codes directly into commands and configs (e.g., echoing export RECOUP_API_KEY into ~/.zshrc, Authorization: Bearer ... in MCP JSON, and including verification codes in curl requests), which requires the agent to handle/output secrets verbatim and thus creates exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill instructs the agent to call the Recoupable research endpoints (e.g., the "recoup research 'Drake'" command and the REST API https://recoup-api.vercel.app/api/research / MCP URL) which return structured data "pulled from 14 platforms" (public/social sources), so the agent will ingest untrusted, user-generated third-party content that can influence its decisions and actions.