gemini-image

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill reads API keys from secrets.md and then constructs curl requests that embed those keys (query parameter or Authorization header), forcing the agent to insert secret values verbatim into generated commands/requests.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required image-to-image workflow (SKILL.md Step 3 referencing references/image-upload.md) instructs uploading images to public hosts like Litterbox/Catbox and/or using an arbitrary proxy API (config/secrets.example.md), and those untrusted public URLs are included in prompts and responses so external content can directly influence generation and subsequent tool behavior.