meitu-carousel

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The prompt explicitly references API credentials and shows CLI configuration using meitu config set-ak --value "..." / set-sk --value "..." and tells the agent to guide credential configuration on auth failure, which can lead the LLM to ask for and embed secret values verbatim (insecure CLI arg pattern), so it creates a significant exfiltration risk.