jimeng-login

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly includes a snippet to return document.cookie and suggests exporting cookies to a backup file, which requires reading and storing session cookies (secrets) verbatim and thus poses an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly opens and inspects an external Douyin OAuth page (open.douyin.com) and uses browser-tab title checks, screenshots of that page (QR) and page state changes to drive the login workflow, so it consumes untrusted public third-party content that directly influences the agent's actions.