sn-search-social-cn

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly shows and allows passing full platform cookies as inline environment variables or CLI arguments (e.g., ZHIHU_COOKIE="..." and --cookie "..."), which requires embedding secret cookie values verbatim in commands/outputs.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's scripts (scripts/bilibili_search.py, scripts/zhihu_search.py, scripts/douyin_search.py) directly fetch and parse user-generated content from public third‑party sites (api.bilibili.com, www.zhihu.com/api/v4, www.douyin.com), returning titles, snippets and full content (Zhihu can save full content to temp files) that the agent is expected to read/interpret as part of its workflow, which could allow indirect prompt injection.