groove-utilities-prime

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt instructs the agent to read and output file contents verbatim (notably .groove/IDENTITY.md and frontmatter from .groove/index.md), which could cause any secrets stored in those files to be emitted by the LLM — enabling secret exfiltration.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly fetches release data from the public GitHub API endpoint (https://api.github.com/repos/andreadellacorte/groove/releases/latest) and uses that external content to decide whether to prepend a "New version" notice and recommend an update, which could allow release metadata to influence the agent's actions.