hologres-ad-campaign

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly instructs the agent to display signed OSS video URLs "complete (含 Expires、Signature 参数)" which requires including temporary signature tokens verbatim in output, exposing secret-like values.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's required workflow explicitly ingests user-supplied OSS object paths (the "素材路径列表" oss://... from the "第二步：收集信息" section) and passes those files into ai_gen calls as reference_urls and to_file in the mandatory SQL templates (see references/sql-templates.md and SKILL.md), so untrusted third-party content can be fetched and directly influence generation and downstream actions.