jeecg-bpmn
Fail
Audited by Snyk on Mar 17, 2026
Risk Level: HIGH
Full Analysis
HIGH W007: Insecure credential handling detected in skill instructions.
- Insecure credential handling detected (high risk: 1.00). The skill asks the user to provide an X-Access-Token and shows a Python template that embeds TOKEN = '{用户提供的 X-Access-Token}' and places it verbatim into request headers, requiring the LLM to include the secret value directly in generated output/code.
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). This skill requires calling a user-supplied JeecgBoot backend (the API_BASE provided by the user) — e.g., the Step 3 Python calls to {API_BASE}/act/designer/api/saveProcess and other design APIs — and ingests those API responses to build/update processes and decide next actions, so it clearly consumes untrusted third‑party content that can influence tool use.
Issues (2)
W007 (HIGH): Insecure credential handling detected in skill instructions.
W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).