csdn-publisher

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly shows and instructs using a Telegram bot token as a command-line argument (--bot-token "YOUR_BOT_TOKEN"), which requires embedding a secret verbatim in commands and therefore risks exfiltration.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill's setup explicitly downloads and installs a remote binary via "https://dl.google.com/linux/direct/google-chrome-stable_current_x86_64.rpm", which fetches and executes remote code as a required dependency for the browser automation.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 0.80). This skill instructs system-level changes (yum install of Chrome) and explicitly disables browser sandboxing ("noSandbox": true), which bypasses security mechanisms and thus can compromise the host state.