gitload

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt instructs including tokens directly (e.g., --token ghp_xxxx and export GITHUB_TOKEN=ghp_xxxx) and therefore encourages placing secret values verbatim into commands/outputs, creating an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly directs the agent to download and expose repository files from public GitHub URLs (see SKILL.md "Basic Usage" and "URL Formats"), which are untrusted, user-generated third-party contents that the agent will fetch and surface and that could contain instructions influencing subsequent actions.