alibabacloud-milvus-manage

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The skill asks the agent to request authentication credentials (URI/token) for pymilvus and gives an explicit code example inserting token and URI into client construction, which encourages embedding secrets verbatim in generated code/commands and thus creates an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's data-plane explicitly accepts and processes arbitrary public URLs and user-provided content (e.g., references/vector.md and references/collection.md show search/insert with image/URL inputs and mm_value URLs/base64 for embedding functions), which means the agent's workflow will ingest untrusted third-party content that could influence embeddings, search results, and subsequent actions.