douyin-cli

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill instructs users to paste cookies directly into a command (python douyin.py set-cookie "...") and stores cookies in a plaintext file, which requires handling and potentially emitting secret cookie values verbatim (high exfiltration risk).

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill programmatically navigates to and scrapes public Douyin pages (e.g., via douyin_sign.py's _navigate calls to "https://www.douyin.com", and functions like search_videos, get_video_detail, get_comments, get_user_profile) and ingests user-generated content (videos, profiles, and comment text) which the CLI then reads and summarizes/analyzes as part of its workflow (see SKILL.md "评论需要页面滚动触发加载" and the "分析评论区反馈" workflow), so untrusted third-party content can influence agent outputs and actions.