金蝶ERP销售订单执行情况查询

The skill bundle contains hardcoded plaintext database credentials (host, port, username, and password) for a public IP address (111.198.79.26) within both SKILL.md and scripts/kingdee_query.py. While the script logic is functional and uses parameterized queries to prevent SQL injection, the exposure of sensitive credentials for a remote production-style database is a significant security risk and a major vulnerability.