quark-download-skill

Fail

Audited by Snyk on Feb 20, 2026

Risk Level: HIGH

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). The skill explicitly requires using and passing opaque tokens (stoken) in subsequent CLI calls (e.g., detail PWD_ID --stoken STOKEN) and tells the agent to ask the user for extraction codes (提取码), which the agent would then need to embed verbatim in commands or requests, creating an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill directly fetches and ingests public, user-generated cloud-share data from PanSou (https://s.panhunt.com/api, e.g., /search and /health) and Quark drive endpoints (https://drive-pc.quark.cn/… for token/detail), parses those results and file listings, and uses them to decide which shares to save or open; untrusted third-party content can therefore influence the agent's actions.
Audit Metadata

Risk Level: HIGH
Analyzed: Feb 20, 2026, 04:51 AM