bbdown-cli

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt shows and encourages embedding cookies/tokens directly in command-line arguments (e.g., -c "SESSDATA=...", -token "..."), which would require the agent to include secret values verbatim in generated commands/outputs and thus poses exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill instructs running BBDown with arbitrary Bilibili URLs (e.g., "BBDown --only-show-info " and "BBDown --work-dir data "), so it fetches and parses public, user-generated content from Bilibili (an untrusted third-party source) as part of its workflow.