gcp-cloud-functions

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt includes examples that embed API keys directly in CLI commands (--set-env-vars API_KEY=xxx) and Terraform environment_variables ("your-api-key"), which would require the agent to handle or output secret values verbatim.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill ingests untrusted user-provided content: the HTTP function is deployed/configured as unauthenticated (gcloud --allow-unauthenticated and Terraform iam member "allUsers") and the Cloud Storage and Pub/Sub trigger handlers explicitly read/process uploaded files and messages, so the agent will read/interpret third-party content from those sources.