wildix-send-message

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill asks the user to "Provide BOT_TOKEN" and instructs the agent to "save to .env" (and otherwise may echo tokens into commands), which requires the LLM to receive and embed secret values verbatim rather than only using environment-based auth, creating an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's runtime scripts explicitly fetch and ingest user-generated content from the x-bees API (scripts/send-message.sh performs a GET to /v2/conversations/channels/{channelId}/messages/{messageId} to build the quote, and scripts/upload-file.sh GETs /v2/conversations/channels/{channelId}/files/{fileId} for attachments), and that untrusted third-party content is incorporated into outgoing message payloads, creating a clear avenue for indirect prompt injection.