weekly-report-to-annual

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly asks the user to provide an email address and an application password and directs connecting to the IMAP server to fetch emails (without instructing secure handling like environment variables), which requires the agent to handle and would likely embed secret credential values verbatim in connection commands or code.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill's fetch_emails.py connects to a Feishu IMAP mailbox (imap.feishu.cn) to retrieve real user emails and demo.py directly embeds those email bodies into the agent's prompt, so the agent ingests arbitrary, user-generated third‑party email content that could contain indirect prompt injections.