xuanim-api

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). Insecure: the skill requires using the application secret ("key") to compute tokens and explicitly shows patterns (e.g., scripts invoked as ... <query> <key> and building signed URLs) that would force the agent to accept and embed the secret verbatim into commands/requests.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's SKILL.md and reference files (e.g., references/get-group-chats.md and references/get-chat-users.md) explicitly instruct the agent to call arbitrary xuanim endpoints (https://{host}/x.php and linked docs like https://www.xuanim.com/...), which will return untrusted, user-generated group/user/message data that the agent is expected to read and that can influence which groups/users/actions it selects or follow action URLs, enabling indirect prompt injection.