compliance-review

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill asks the user for "test credentials" and includes example YAML/browser automation that embeds credential values (e.g., passwords) directly into generated tests/files, which requires the LLM to handle and output secrets verbatim.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly asks for a user-supplied "Target URL" in Phase 2 and then opens a browser session to navigate and validate live pages (Phase 3 "Browser validation"), meaning it fetches and interprets arbitrary public/third-party web content which could contain instructions that materially influence subsequent checks and actions.