giggle-generation-image

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). Although the API key is read from the environment (not to be embedded), the skill explicitly instructs the agent to forward full signed URLs containing Policy/Key-Pair-Id/Signature query parameters (secret tokens) verbatim, requiring the LLM to output sensitive credential-like values.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly accepts arbitrary public reference image URLs (see "Image-to-Image Reference: Method 1: URL" in SKILL.md) and the runtime script (scripts/generation_api.py) sends those URLs to the generation API and even downloads/forwards returned image URLs, so untrusted third‑party content can be ingested and materially influence generation/results.