gmgn-portfolio
Fail
Audited by Snyk on May 19, 2026
Risk Level: CRITICAL
Full Analysis
HIGH W007: Insecure credential handling detected in skill instructions.
- Insecure credential handling detected (high risk: 1.00). The prompt explicitly instructs the agent to ask the user to "send me the API Key value" and then embed that key verbatim into a shell command (echo 'GMGN_API_KEY=<key_from_user>' > ~/.config/gmgn/.env), which requires the LLM to handle and output the secret directly.
CRITICAL E006: Malicious code pattern detected in skill scripts.
- Malicious code pattern detected (high risk: 1.00). The skill contains an explicit instruction asking the user to generate an API key on gmgn.ai and "send me the API Key value" (i.e., request for secrets), which is direct credential-exfiltration behavior and constitutes a high-risk backdoor/abuse pattern even though there is no obfuscated code or remote-exec payloads.
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). The skill calls the GMGN API via the gmgn-cli to ingest live wallet/profile data (e.g., common.twitter_username, common.tags and other identity fields) and explicitly instructs the agent to use those third-party identity fields when building wallet narratives, so untrusted/user-generated content from the API can influence analysis and next actions.
Issues (3)
W007
HIGH: Insecure credential handling detected in skill instructions.
E006
CRITICAL: Malicious code pattern detected in skill scripts.
W011
MEDIUM: Third-party content exposure detected (indirect prompt injection risk).
Audit Metadata