compliance-review

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly asks for "Test credentials" and includes example YAML steps that embed plaintext credentials (e.g., "testpass123"), which requires the agent to accept and output secret values verbatim in generated tests and reports.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Phase 2/Phase 3 workflow explicitly requires opening a browser session against a user-specified Target URL and performing browser validation (navigating pages, inspecting page content, console logs, localStorage, and payment flows), which clearly fetches and interprets arbitrary third-party web pages as part of its runtime checks and could enable indirect prompt injection.