openydt-shared

Fail

Audited by Snyk on Jun 13, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 0.90). The prompt explicitly shows and requires passing secrets as command-line flags (e.g., openydt config set --secret 123456) and documents Authorization headers and derived signatures. Command-line arguments are visible in process listings and shell history, and showing the raw flag encourages embedding keys/secrets verbatim in generated commands or outputs, so the secret can be exfiltrated verbatim.
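The check a reviewer would want here is twofold: flag any generated command that carries a secret in argv, and show the hardened pattern in which the secret comes from the environment, only an HMAC-derived signature reaches the Authorization header, and output is redacted before it is shown. The following is an added example, not code from the openydt-shared skill; the OPENYDT_SECRET variable name, the list of secret-bearing flags beyond --secret, and the canonical string that is signed are assumptions, since the page does not document the real scheme.

```python
import hashlib
import hmac
import os
import shlex

# Flags whose values are secrets. Hypothetical list for this example; the
# page only shows "--secret".
SECRET_FLAGS = ("--secret", "--token", "--api-key", "--password")


def find_secret_flags(command: str) -> list:
    """Return (flag, value) pairs for every secret passed on a command line.

    Anything in argv is exposed to `ps`, /proc/<pid>/cmdline and shell
    history, so a generated command that matches here leaks the secret.
    """
    args = shlex.split(command)
    found = []
    for i, arg in enumerate(args):
        flag, sep, value = arg.partition("=")
        if sep and flag in SECRET_FLAGS:                 # --secret=VALUE form
            found.append((flag, value))
        elif arg in SECRET_FLAGS and i + 1 < len(args):  # --secret VALUE form
            found.append((arg, args[i + 1]))
    return found


def load_secret(env_var: str = "OPENYDT_SECRET", env=None) -> str:
    """Read the secret from the environment instead of argv.

    OPENYDT_SECRET is an assumed variable name, not one the skill documents.
    """
    env = os.environ if env is None else env
    value = env.get(env_var, "")
    if not value:
        raise RuntimeError(f"{env_var} is not set; refusing to continue")
    return value


def sign_request(secret: str, method: str, path: str, body: str, timestamp: int) -> str:
    """HMAC-SHA256 over a canonical string.

    The canonical form below is assumed for this example; the skill's real
    signing scheme is not on the page. Only the derived signature, never the
    secret itself, is placed in the Authorization header.
    """
    canonical = f"{method}\n{path}\n{timestamp}\n{body}".encode()
    return hmac.new(secret.encode(), canonical, hashlib.sha256).hexdigest()


def redact(text: str, secrets) -> str:
    """Mask secret values before a command or response is displayed or logged."""
    for s in secrets:
        if s:
            text = text.replace(s, "[REDACTED]")
    return text


if __name__ == "__main__":
    leaky = "openydt config set --secret 123456"  # the form the skill docs show
    print("secrets on the command line:", find_secret_flags(leaky))
    # Constructed environment standing in for os.environ.
    secret = load_secret(env={"OPENYDT_SECRET": "s3cr3t"})
    sig = sign_request(secret, "GET", "/v1/trade", "", 1700000000)
    print(redact(f"Authorization: key=demo sig={sig} (secret={secret})", [secret]))
```

find_secret_flags is the detector to run over every command an agent proposes before it is executed or echoed; the other three functions are the shape the skill's instructions should take instead of the --secret flag.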

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill is an API/CLI client for a parking platform that explicitly includes billing/payment capabilities. The docs reference a "trade" domain for 查费/缴费 (fee inquiry / payment), list "缴费" (payment) among the write operations that require --dry-run and --yes, and describe authenticated signed requests using key/secret to call platform endpoints (including the production environment). Together these show the tool is specifically designed to execute financial operations on the platform (initiate payments and charge actions), not merely generic HTTP or browsing. It therefore grants Direct Financial Execution authority.
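The mitigating control the finding mentions (write operations need --dry-run and --yes) is worth showing as an explicit gate that an agent wrapper can apply before any payment call is made. The example below is added here and is not the skill's own code; the subcommand names (trade query for 查费, trade pay for 缴费), the --env flag and the extra --confirm-prod flag for production are assumptions, since the page names the domain and the two flags but not the exact command table.

```python
# Hypothetical command table: the page names a "trade" domain with fee
# inquiry (查费) and payment (缴费) but not the exact subcommands.
READ_OPS = {("trade", "query")}
WRITE_OPS = {("trade", "pay")}
VALUE_FLAGS = {"--env", "--plate"}  # flags that take an argument


def parse(argv: list):
    """Split argv into (set of flags, flag values, positional words)."""
    flags, values, positional = set(), {}, []
    args = iter(argv[1:])
    for arg in args:
        if arg.startswith("--"):
            key, sep, val = arg.partition("=")
            if key in VALUE_FLAGS and not sep:
                val = next(args, "")       # consume "--env prod" style values
            flags.add(key)
            values[key] = val
        else:
            positional.append(arg)
    return flags, values, positional


def decide(argv: list) -> str:
    """Classify an openydt-style argv as read / dry-run / execute / refused.

    Write operations need an explicit --dry-run (plan only) or --yes
    (execute); when both are present the safer dry-run wins. Execution
    against prod additionally needs --confirm-prod (assumed flag) so a
    default or an agent-chosen target cannot silently charge real money.
    Unknown operations are refused rather than passed through.
    """
    flags, values, positional = parse(argv)
    op = tuple(positional[:2])
    if op in READ_OPS:
        return "read"
    if op not in WRITE_OPS:
        return "refused"
    if "--dry-run" in flags:
        return "dry-run"
    if "--yes" not in flags:
        return "refused"
    if values.get("--env", "test") == "prod" and "--confirm-prod" not in flags:
        return "refused"
    return "execute"


if __name__ == "__main__":
    # Constructed sample invocations.
    for cmd in (
        ["openydt", "trade", "query", "--plate", "京A12345"],
        ["openydt", "trade", "pay"],
        ["openydt", "trade", "pay", "--dry-run"],
        ["openydt", "trade", "pay", "--yes", "--env", "prod"],
    ):
        print(" ".join(cmd), "->", decide(cmd))
```

The point of the deny-by-default branches is that an agent assembling commands from instructions will eventually omit a flag or pick the wrong environment; the gate makes that a refusal rather than a payment.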

MEDIUM W021: Hidden or invisible Unicode characters detected (potential obfuscation or prompt injection).

  • Hidden Unicode characters detected (1 type found).
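The finding does not say which codepoint was found, so the practical follow-up is to run the skill's instruction files through a detector that reports every invisible character by offset, codepoint and Unicode name, counts the distinct types, and produces a stripped copy for comparison. The following is an added example written for this page, not Snyk's scanner or the skill's code; the sample text it scans is constructed.

```python
import unicodedata

# Characters in these general categories do not render visibly and are the
# usual vehicle for hiding text from a human reader while a model or parser
# still sees it: format (Cf: zero-width, bidi overrides, tags), controls
# (Cc), private use (Co), unassigned (Cn) and surrogates (Cs).
HIDDEN_CATEGORIES = {"Cf", "Cc", "Co", "Cn", "Cs"}
ALLOWED_CONTROLS = {"\t", "\n", "\r"}  # ordinary whitespace controls are fine


def is_hidden(ch: str) -> bool:
    return unicodedata.category(ch) in HIDDEN_CATEGORIES and ch not in ALLOWED_CONTROLS


def find_hidden(text: str) -> list:
    """Return one record per hidden character: offset, codepoint, name, category."""
    hits = []
    for offset, ch in enumerate(text):
        if is_hidden(ch):
            hits.append({
                "offset": offset,
                "codepoint": f"U+{ord(ch):04X}",
                "name": unicodedata.name(ch, "<unnamed>"),
                "category": unicodedata.category(ch),
            })
    return hits


def summarize(hits: list) -> dict:
    """Count hits per codepoint; len() of the result is the 'N type(s) found' figure."""
    counts = {}
    for h in hits:
        counts[h["codepoint"]] = counts.get(h["codepoint"], 0) + 1
    return counts


def strip_hidden(text: str) -> str:
    """Remove hidden characters so the cleaned text can be diffed against the original."""
    return "".join(ch for ch in text if not is_hidden(ch))


if __name__ == "__main__":
    # Constructed sample: a zero-width space sits inside a command word and a
    # right-to-left override follows it, both invisible when rendered.
    sample = "openydt trade pay\u200b --yes \u202e\n"
    for h in find_hidden(sample):
        print(h)
    print("types found:", len(summarize(find_hidden(sample))))
    print(repr(strip_hidden(sample)))
```

Run it over every file the skill ships, not only the main prompt: the scanner counted one type, and the offsets tell you whether it sits in an instruction the agent would follow.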

Issues (3)

W007  HIGH    Insecure credential handling detected in skill instructions.
W009  MEDIUM  Direct money access capability detected (payment gateways, crypto, banking).
W021  MEDIUM  Hidden or invisible Unicode characters detected (potential obfuscation or prompt injection).

Audit Metadata

Risk Level: HIGH
Analyzed: Jun 13, 2026, 01:16 PM
Issues: 3
Security Audit — snyk — openydt-shared