neodata-financial-search

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The skill includes explicit shell examples that check and export the JWT (echo $NEODATA_TOKEN; export NEODATA_TOKEN="") — actions that can require embedding or printing the secret verbatim in agent outputs even though it also advises to "silently handle" the token.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill queries the NeoData API (https://copilot.tencent.com/agenttool/v1/neodata) and returns untrusted, public third‑party text resources (see data.docData.docRecall[].docList[].url and .content in SKILL.md/reference.md, e.g., news/研报/article content), which the agent is expected to read and use to drive responses and decisions, so external content could carry indirect prompt injection.