wechat-write

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.85). 运行时通过 scripts/fetch_gzh_trends.py 调用红狐数据接口获取“爆款文章”字段（如 title/summary/author/url），这些文本来自第三方公开公众号内容/作者，随后被 Step 2/4 读入并进入 LLM 上下文用于分析与生成。

HIGH W008: Secret detected in skill content (API keys, tokens, passwords).

• Secret detected (high risk: 1.00). I found a high-entropy API key string in references/gzh_trend_data_format.md:
• API Key: ak_c4fc9018ffb14ce4ae35dafd92f466c3

This is a literal, non-placeholder, random-looking value (long hex-like) that appears to be an actual service credential and meets the secret definition (provides access to the RedFox API). Therefore it should be treated as a real secret.

I ignored other non-secrets in the document such as:

• Placeholder examples like "ak_xxxx..." in SKILL.md / README (documentation placeholders).
• Environment variable names (REDFOX_API_KEY) and usage instructions (these are not secret values).
• Simple/example passwords or illustrative strings (none of which meet the high-entropy requirement).

No private key/PEM blocks or other high-entropy secrets were found beyond the API key above.

MEDIUM W021: Hidden or invisible Unicode characters detected (potential obfuscation or prompt injection).

• Hidden Unicode characters detected (1 type(s) found)