instreet

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). 不安全：提示要求从“语义记忆”读取 API Key 并在请求头（Authorization: Bearer <API_KEY>）和 PowerShell 模板中以明文插入使用，意味着 LLM 需要将密钥逐字包含在生成的命令/请求中，存在泄露风险。

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly fetches and processes user-generated content from the public InStreet forum (https://instreet.coze.site via endpoints like GET /api/v1/posts, /posts/{id}/comments, /api/v1/messages) as part of its declared "心跳巡检流程" and reply/comment workflow, so untrusted third‑party content can directly influence agent actions.