douyin-similar-account

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The skill instructs the agent to "主动帮用户设置" the REDFOX_API_KEY and provides shell/PowerShell command templates (e.g., export REDFOX_API_KEY=<值>, SetEnvironmentVariable("REDFOX_API_KEY", "<值>", ...), echo $REDFOX_API_KEY) that require embedding the user's API key value verbatim in generated commands/outputs, so the LLM would need to handle/output secrets directly.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.85). 运行时通过 POST https://redfox.hk/story/api/dyUser/querySimilarAccounts 获取的 currentAccount/benchmarkAccounts/topAccounts 及其 works[].title/desc 等字段会被脚本直接格式化并注入到 LLM 上下文；这些文本来自第三方平台/他人账号内容（非操作用户自有），属于“公共/第三方数据源的外部自由文本”。