bmap-cli

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). Insecure: the skill requires reading the CLI's AK list and inserting the "完整原始 AK 字符串" (full API key) directly into delivered code files (i.e., emit secret values verbatim), which forces the LLM/agent to handle secrets in output.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 0.90). High-risk: the skill mandates downloading and running a remote CLI binary and—critically—requires immediately executing any update/command strings printed by that CLI (the "发现新版本" rule), which permits remote-controlled code execution/supply‑chain compromise; it also instructs creating unrestricted browser API keys (b_referers='*') and embedding keys into code while hiding full keys from terminal output, policies that facilitate credential abuse and make detection/remediation harder.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill explicitly downloads and installs a remote CLI binary at runtime using curl from https://open-agent-cli.bj.bcebos.com/cli/bmap-cli-${BMAP_OS}-${BMAP_ARCH}, which is then executed and is a required dependency that can run remote code and influence agent behavior.