multi-wordcheck

Fail

Audited by Snyk on Jun 16, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 0.90). The skill instructs the agent to help users set and verify the REDFOX_API_KEY by inserting the actual key into environment-variable commands (export / SetEnvironmentVariable) and may request the key from the user, which requires the LLM to handle and output secret values verbatim.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

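  • Third-party content exposure detected (high risk: 0.85). At runtime, web link detection fetches the page body and script-embedded text of external URLs via extract_text.py extract_from_web() and extracts it as readable text, then sends it as --content to the third-party detection API used by check_sensitive_words.py, so free text written by OUTSIDER authors enters the LLM context (indirect prompt injection risk).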

Issues (2)

  • W007 (HIGH): Insecure credential handling detected in skill instructions.
  • W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

  • Risk Level: HIGH
  • Analyzed: Jun 16, 2026, 04:13 AM
  • Issues: 2