competition-ios-runtime

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly instructs inspecting Keychain items and recording plaintext inputs, headers, tokens, signatures, and local credentials to rebuild/replay requests, which requires including secret values verbatim in outputs and therefore poses a direct exfiltration risk.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). 该技能明确描述绕过 SSL 钉扎、检索 Keychain、使用 Frida Hook 读取/重放认证请求等技术，直接支持凭证窃取与未经授权的数据外传，具高度滥用与恶意利用风险。