wechat-illustrator

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly asks the user to provide a DashScope API Key (or use DASHSCOPE_API_KEY) and instructs the agent to run a command embedding the key as a CLI argument (--api-key "USER_API_KEY"), which requires the LLM to handle and output the secret verbatim.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly ingests and analyzes user-provided/public WeChat or blog articles (see SKILL.md "When user provides article content" and README "直接发送你的文章内容或链接") and uses that untrusted third‑party content to build prompts and drive image-generation actions, so external content can materially influence tool use and next steps.