glmocr

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt includes explicit examples and instructions that place API keys directly in environment variables, CLI flags, and constructor arguments (e.g., export GLMOCR_API_KEY=sk-xxx, glmocr parse --api-key sk-xxx, GlmOcr(api_key="sk-xxx")), which requires the LLM/agent to handle and potentially output secret values verbatim.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required workflow explicitly accepts a "document path / URL" (Typical Agent Workflow) and hands the parsed markdown_result to the LLM for reading/summarization, so it will ingest and act on arbitrary third-party documents/URLs that could contain untrusted instructions.