kalopilot

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill instructs the agent to ask the user for their KaloData token and shows commands and HTTP headers that embed the token verbatim (e.g., echoing "" into a file and Authorization: Bearer ), which requires the LLM to handle and output secret values directly.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly fetches and parses public/user-generated content — e.g., SKILL.md and references/utilities.md describe "URL lookup" for TikTok/Shopee/Lazada links and references/videos.md and references/products.md describe video script extraction and comment analysis — and the agent is expected to read and act on that external content as part of its workflow, so untrusted web content could influence behavior.