bilibili-analyzer

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly requires "完整转录屏幕上的所有文字" and full transcription of code/terminal outputs from images, so any secrets visible in frames (API keys, tokens, passwords) would be output verbatim, creating an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill downloads and processes user-supplied Bilibili video URLs (via scripts/prepare.cs, yt-dlp and the Bilibili API endpoints shown) and the agent is instructed to read and fully transcribe/analyze the extracted frames (user-generated public video content), exposing it to untrusted third-party content that could carry indirect prompt injection.