Apple iCloud Suite

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The skill explicitly asks the agent to collect/store sensitive secrets (Apple ID main password, app-specific password, AMap API key) and shows examples embedding them in exports, config files and hard-coded calls, meaning the LLM would need to handle and potentially output secret values verbatim.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's status_wall and calendar workflows (status_wall.py and icloud_calendar.py / CalDAV access) explicitly fetch and parse iCloud calendar events and AMap reverse-geocode responses — both external, user-generated/third-party contents — and use those event summaries and geocode results to decide state, create/update/delete calendar events and change polling behavior, which can be influenced by malicious third-party content.