pywencai

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly requires users to obtain and supply a session Cookie and shows copying that Cookie from browser requests and passing it as the cookie parameter (potentially embedding the secret verbatim in code/commands), so the LLM could be instructed to handle or output that secret directly.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs the agent to call pywencai.get against the public site https://www.iwencai.com (using a WENCAI_COOKIE) to fetch/search live results, so the agent ingests untrusted third‑party web content that directly drives selection/automation decisions.