video-generate

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill tells the agent to obtain user API keys and write them into the workspace environment file (append, ensure format, make effective and retry), which requires the agent/LLM to receive and emit secret values verbatim—an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md and scripts/video_generate.py clearly accept arbitrary public URLs (first_frame, last_frame, reference_images, reference_videos, reference_audios and optional tools like web_search) and inject them into the generation request via _build_content/_build_request_body, meaning untrusted third‑party content from those URLs is consumed and can materially influence the model's actions.