yuque-dl

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). 提示要求用户提供语雀 cookie token（如 _yuque_session）并在命令行示例中以 -t/-k 参数直接嵌入，这会使代理需要接收并可能原样输出/包含秘密值，属于高风险密钥泄露模式。

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly downloads and processes user-provided Yuque knowledge base content from arbitrary yuque.com or enterprise Yuque URLs (see SKILL.md workflow and scripts/download.sh invoking yuque-dl on the supplied URL), which is user-generated/untrusted third‑party content that the agent reads and ingests as part of its workflow, enabling indirect prompt injection.