58pic

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill asks users to input their API key and shows/run commands that embed the raw key (e.g., --api-key "sk_用户的key" and Authorization: Bearer <api_key>), which requires the model to handle/output secret values verbatim.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill fetches and ingests public, user-generated content from the open 58pic API and CDN (e.g., search.py calls https://ai.58pic.com/api/?r=open-platform/search-images and saves preview_url/download_url into results files, preview.py embeds those preview_url values into the generated preview.html, and ai_generate.py accepts arbitrary --ref-url/--ref-urls which are passed as reference_image_urls to the same-style API), so untrusted third-party content is read and directly used to drive downloads and AI-generation actions.