weibo-hot

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The skill tells users to update the script's Cookie to bypass visitor checks, which encourages embedding session cookies (secrets) directly into code/outputs and therefore creates an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill's script scripts/get_hot.py explicitly scrapes live, public Weibo content from https://s.weibo.com/top/summary (as documented in SKILL.md) and parses user-generated trending topics which the agent ingests and uses to form its output, creating a clear avenue for indirect prompt injection via untrusted social-media content.