byted-marketing-agent-trending-list

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly asks the user to provide AccessKey/SecretKey and instructs storing them in shell variables and appending --ak/--sk to all generated CLI commands, which forces the agent to include secret values verbatim in its generated commands/outputs.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's required workflow (SKILL.md Step 1/Step 2) and scripts/openapi_client.py explicitly call the external Volcengine API (host cdp-saas.cn-beijing.volcengineapi.com / PUBLIC_INSIGHT_API_URL) using list-industries and query to fetch trending/public content (e.g., related video titles, links, summaries, analysis) that the agent parses and uses to format results and drive follow-up actions, so it clearly ingests untrusted/user-generated third‑party content that could carry indirect prompt injection.