ai-topic-scout

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly instructs copying Twitter cookies (auth_token, ct0) into a config file and using them as literal CLI arguments (e.g., --auth-token "" --ct0 ""), which requires embedding secret values verbatim in commands and risks exfiltration.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md workflow explicitly fetches and ingests public, user-generated content (YouTube via yt-dlp using "https://www.youtube.com/@{频道ID}/videos" and Twitter/X via the bird CLI's user-tweets) and also uses web search results, and that content is read and analyzed to generate topic selections and actions—so untrusted third-party content can materially influence the agent's decisions.