cpa-antigravity-rt-extract

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly instructs extracting and deduplicating Google refresh_token values from JSON files—these are secrets that would need to be read and output verbatim, creating an exfiltration risk.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). This tool is explicitly designed to harvest Google refresh_token values from configuration JSON files (i.e., collect credentials), which enables credential theft and unauthorized access and therefore constitutes malicious behavior.