md-report-summary

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The prompt requires preserving and outputting user-provided content verbatim (tables, data, image paths, etc.), so if a draft contains secrets or credentials the LLM is instructed to include them verbatim, creating an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's workflow explicitly calls out using "WebSearch" to fetch and summarize web background and best-practice content in the "三、无草稿流程" step 2 and to supplement missing sections in "四、有草稿流程" step 3, which means it ingests open/public, untrusted third‑party web content that will be interpreted and used to generate outputs.