sharebib

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The skill explicitly documents and prioritizes passing API keys via CLI flags (e.g., --api-key "…") and shows config/env examples, which encourages embedding user-provided secrets verbatim into generated commands or code, creating an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's required workflow (SKILL.md) directs the agent to fetch and act on data from an arbitrary ShareBib instance via the configured base_url (e.g., running commands like sharebib papers search, collections export-bibtex, and users search), which consumes untrusted/user-generated paper and user metadata that the agent is expected to read and could materially influence subsequent actions.