upstash-redis-start

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). This skill instructs the agent to parse the Upstash response (including the Endpoint and Bearer Token) and then "use them directly" in curl/command/code (e.g., Authorization: Bearer ), which forces the LLM to handle and output secret values verbatim.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly instructs the agent to POST to the public endpoint https://upstash.com/start-redis and parse the markdown response (Database ID, Endpoint, Token, quickstart) returned by that third-party site, and those parsed values are then used to drive subsequent tool calls, so external content from that public site can materially influence agent behavior.