news-to-video-monetizer

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). It explicitly asks the user to "把 API Key 发给我" and then shows commands (e.g., verify-key <api_key>) that would require embedding the received API key verbatim into generated commands/requests, so the LLM must handle and output the secret directly.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly ingests public social-media and web content — SKILL.md's "自动采集" and the "采集脚本"/采集逻辑 state it pulls real-time hot lists from Douyin/Weibo/B站/etc via the DailyHot API (localhost:6688) and uses those topics to drive filtering, script generation and publishing, so untrusted user-generated content can materially influence agent decisions.