alapi

Fail

Audited by Snyk on Mar 24, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). The skill explicitly instructs the agent to ask the user to send their ALAPI token and to persist/export it by embedding the token value into shell commands/files (e.g., append export ALAPI_TOKEN='...'; export ALAPI_TOKEN='...'), which requires the LLM to handle and output secret values verbatim — a high-risk exfiltration pattern.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 1.00). This skill's required workflow directs the agent to call bundled ALAPI endpoints that fetch open/public and user-generated content (see references/api-catalog.md endpoints such as /api/comment for NetEase comments, /api/hitokoto, /api/new/hanfu, and /api/lanzou which accepts arbitrary public URLs), and those responses are meant to be read and used to choose endpoints, build requests, and summarize results—allowing third-party content to influence the agent's next actions.

Issues (2)

  • W007 (HIGH): Insecure credential handling detected in skill instructions.
  • W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

  • Risk Level: HIGH
  • Analyzed: Mar 24, 2026, 12:53 PM
  • Issues: 2