douyin-video-analyst

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill's workflow shows and requires running CLI commands that set API keys inline (e.g., DOUYIN_API_KEY="" mcporter ...), and instructs selecting/using those secret env values during calls, which would force the agent to handle or embed secret values verbatim—an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly uses the browser tool to load and snapshot public Douyin account pages (Step 2 in SKILL.md) and then calls the douyin-mcp service to extract speech-to-text from public Douyin video URLs (Step 3), so it ingests untrusted, user-generated third‑party content which the agent reads and uses to drive summarization and next actions, creating a clear vector for indirect prompt injection.