quark-mswnlz-publisher

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt forbids echoing tokens and uses environment-variable-based auth for API tokens, but it explicitly requires the agent to generate and return share links including extraction passcodes (and even shows an example ghp_ token), which forces the LLM to handle and output secret values verbatim — a high exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). Flagged because scripts/mswnlz_publish.py explicitly fetches mswnlz repository descriptions from the public GitHub API (https://api.github.com/users/mswnlz/repos) and uses those untrusted, user-generated descriptions to classify items and decide target repositories (affecting commits/pushes and notifications), and the workflow also copies user-uploaded promotional files from a public Quark Drive template folder—both are third‑party inputs that the skill reads and that materially influence actions.