llm-public-opinion-analytics

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt shows and instructs placing secrets directly into code/config (MYSQL_PASSWORD in settings.py, COOKIES with cookie strings, MySQL connect password, webhook URLs, and troubleshooting steps that tell you to copy/paste cookies or use token-bearing URLs), which would require the agent to handle and potentially output secret values verbatim.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md explicitly describes automated crawlers that scrape public platforms (Weibo, Bilibili, Douyin, Toutiao, Zhihu, etc.) and includes custom_spider code that fetches detail page content which is then fed into analyzer.analyze_sentiment and downstream alert/push logic, so untrusted third‑party content is ingested and can influence agent actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The installation instructs to git clone and run the repository https://github.com/hmmnxkl/LLM-Based-Intelligent-Public-Opinion-Analytics-Assistant.git, which fetches remote code that will be executed as part of running the skill (i.e., a required external repo executed locally), so it meets the criteria for a runtime-executed external dependency.