readgzh

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly instructs embedding live API keys (e.g., Authorization: Bearer sk_live_... and ?key=sk_live_...) into requests and examples, which requires the LLM to handle and output secret values verbatim, creating a high exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The required workflow ingests outsider-authored free text by scraping/parsing the user-supplied WeChat article URL (mp.weixin.qq.com) via readgzh.read → GET /rd?url={wechat_url}&format=text, where the article body is written by the WeChat Official Account (not the operating user).