acestep

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt tells the agent to ask the user for their API key and then run commands that embed that key (e.g., ./scripts/acestep.sh config --set api_key <KEY>), which requires the LLM to output the secret verbatim.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's CLI (scripts/acestep.sh) calls a configurable external API (api_url, e.g. https://api.acemusic.ai or arbitrary remote-server), parses remote JSON responses including choices[0].message.content and result[].file, and then downloads/acts on audio file URLs returned by that API (parse_completion_response / download_audios / query_result flows), so untrusted third‑party API content can directly influence what the tool fetches and does.