upstash-box-py

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt includes examples that pass API keys and bearer tokens directly as literal strings (e.g., "sk-...", "Bearer ...", webhook headers, mcp server headers, env={"API_KEY":"..."}), which encourages embedding secrets verbatim in code/commands and thus creates a high exfiltration risk.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The MCP server URL (https://mcp.example.com/sse) is explicitly passed to Box.create as an mcp_server and is used at runtime to stream model context/instructions to the agent, so it can directly control prompts.