aippt

Fail

Audited by Snyk on Mar 4, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

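  • Insecure credential handling detected (high risk: 1.00). The skill explicitly requires "obtaining the API Key from config/secrets.md" and, in the example curl command, places it in Authorization: Bearer ..., which requires the secret value to be included verbatim in output/commands and creates a risk of sensitive information leakage.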

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs uploading template images to public image hosts (see 05_图床上传方法.md recommending freeimage.host, catbox.moe, etc.) and then uses the returned {垫图URL} inside prompts (see 02_PPT模板分析方法.md and 04_内容映射方法.md) so the agent will fetch and interpret untrusted, user-hosted content as part of generation, enabling indirect prompt injection.

Audit Metadata

Risk Level: HIGH
Analyzed: Mar 4, 2026, 05:37 AM