cloud

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly accepts a user-provided SHIPLIGHT_API_TOKEN and instructs the agent to append it to the project's .env (i.e., handle the secret value verbatim), creating an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's required workflows call the Shiplight cloud API (e.g., get_test_case, get_function, GET /test-case-results and S3 artifact downloads from https://api.shiplight.ai) to download user-created test case YAML, templates, and TypeScript functions and then instruct the agent to parse/convert and act on that content (e.g., modify YAML, interpret report[0].resultJson, trigger runs), so untrusted user-generated content from those endpoints could indirectly inject instructions that change agent behavior.