where-your-customer-lives

Fail

Audited by Snyk on May 2, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). The prompt explicitly echoes and includes shell expansions of GITHUB_TOKEN (e.g., echo "GITHUB_TOKEN: ${GITHUB_TOKEN:-...}" and inline assignment in the fetch command), which would cause any set token to be printed or embedded verbatim in outputs/logs, creating a direct secret-exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill (see scripts/fetch.py and SKILL.md) explicitly fetches and parses untrusted, user-generated content from Reddit public JSON/about.json, the Hacker News Algolia API, and DuckDuckGo HTML search results and then uses those results to compute channel scores and generate actionable playbooks/entry tactics that directly influence agent decisions.

Audit Metadata

Risk Level: HIGH
Analyzed: May 2, 2026, 12:17 PM
Issues: 2