byted-data-deepresearch-structured2markdown

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly instructs the agent to ask the user for AccessKey/SecretKey, remember them, and embed them verbatim into shell commands as --ak "$VOLC_AK_INPUT" --sk "$VOLC_SK_INPUT", which requires the LLM to handle and output secrets directly.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill performs runtime signed API calls to the remote service at https://data-agent.volcengineapi.com (DEFAULT_API_HOST) and streams/generated document content from that service—which directly controls the produced output and is a required runtime dependency for the skill to function.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 0.80). The skill explicitly instructs installing system packages via apt (apt update && apt install python3-venv -y) which modifies system files and requires elevated privileges, creates/installs runtime environments and packages on the host, and directs collecting/storing sensitive credentials in shell variables—actions that can change machine state and pose security risk.