volcengine-search

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt includes command-line examples that pass YOUR_API_KEY as a direct argument (and instruct using the API key in requests), which effectively instructs embedding secret values verbatim in commands/outputs despite also mentioning env vars, creating a high exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). This skill explicitly calls Volcengine's public Fusion Information Search API (base_url https://open.feedcoopapi.com/search_api/web_search shown in scripts/volcengine_search.py and SKILL.md) and ingests WebResults/Content/Summary/Choices/CardResults — untrusted, user-generated or public web content that the agent reads and uses to produce summaries and drive actions, enabling indirect prompt injection.