linkedin-job-post-to-buyer-pain-map

Fail

Audited by Snyk on May 15, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). The prompt builds curl requests that pass GEMINI_API_KEY directly in the URL query string (as ?key=$GEMINI_API_KEY). This instructs the agent to place the API key on the command line and in tool output, where the secret can be exposed verbatim (for example in shell history, process listings, request logs, or the agent transcript).

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 1.00). The skill explicitly asks users to paste LinkedIn job posts / job_description_text (Step 2c in SKILL.md and README) and then ingests that untrusted, user-provided third-party content in Steps 3–5 to extract signals, score accounts, and drive outreach/handoff decisions. Instructions injected into those job posts can therefore influence the tool's outputs and the next actions the agent takes.

Issues (2)

  • W007 (HIGH): Insecure credential handling detected in skill instructions.
  • W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

  • Risk Level: HIGH
  • Analyzed: May 15, 2026, 05:51 PM
  • Issues: 2