codebase-audit

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly tells the agent to surface "secrets found by trufflehog", "hardcoded credentials", and "show specific examples" with file:line, which practically requires emitting verbatim secret values or code snippets containing them unless redaction is enforced.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs the agent to "Use WebSearch to look up current best practices" and to "ask the user... Provide a URL" and then "use Chrome MCP to run a Lighthouse-style audit" on that URL (Performance testing section), which requires fetching and interpreting arbitrary public websites/URLs that can meaningfully influence subsequent audit actions.