baidu-map-webapi

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The guide explicitly instructs the agent to request the user's AK (API key) and includes scenarios where the model may directly call WebAPI (advanced permissions), which can require the model to receive and include the secret verbatim in API calls—creating an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly instructs the agent to call public Baidu Map web APIs and download public CSV/XLS files (e.g., administrative_region_search/place_detail_search/place_input_suggestion endpoints and the CSV/Excel links in recipes/weather_query.md) and to read POI descriptions, comments and other returned fields — untrusted, user-generated content that the agent must interpret and that can materially influence routing/tool actions.