find-scene

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly instructs including a user's API token as the _token field in every JSON request body (and shows an example token string), which requires the LLM to accept and embed secret values verbatim in generated requests/outputs, creating an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md shows the skill calls external APIs (e.g., POST /api/get_text_source, /api/get_high_accuracy_text_source, /api/search_phrase, /api/get_srt_entries_by_time_range and /api/query_imdb) to ingest subtitle/text and IMDb data from public/untrusted sources and then uses those results to locate timestamps and drive downloads or other actions, so untrusted third‑party content can materially influence the agent's subsequent tool use.