bilibili-toolkit
Warn
Audited by Socket on Mar 1, 2026
1 alert found:
Type: Anomaly
Severity: LOW
File: scripts/bili_search_llama.py
No evidence of an active backdoor or code-obfuscation malware, but the module sends queries and full document contents to external embedding and reranking APIs (siliconflow.cn and any configured LONGMAO endpoint), which can leak sensitive data. There is also a hardcoded default database password, and a secrets.json file that is searched for in parent directories, which can cause secrets to be loaded accidentally. Recommend treating external endpoints as untrusted, removing hardcoded credentials, and avoiding writing full sensitive contents to disk.
Confidence: 85%
Severity: 55%
Audit Metadata