triage-validation

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt requires "copy-paste ready" HTTP requests including "exact ... headers, body" and reproducible PoCs/evidence, which would force the agent to include Authorization headers, cookies, or API keys verbatim, creating an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). SKILL.md explicitly directs the agent to fetch and read public program pages, HackerOne/Bugcrowd disclosures, GitHub issues, and Google search results (see Q5 and Gate 2), which are untrusted, user-generated web sources whose content is used to decide whether to kill or proceed with a finding.