byted-market-insight-agent

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt instructs the agent to ask the user for their API Gateway address and API Key and then generate export commands embedding those values (e.g., export ARK_SKILL_API_KEY="..."), which requires the LLM to output secret values verbatim.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly fetches and ingests public third‑party content (e.g., PullPost returns ItemDocs with Content/Url/MainDomain like douyin.com/weibo.com and QueryClueInfo returns ClueText JSON with source_url) and the workflow requires the agent to read and synthesize those untrusted user-generated posts to drive its answers and actions (see SKILL.md sections "PullPost — 拉取任务数据" and "QueryClueInfo — 查询商机线索").