google-agents-cli-deploy

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The prompt includes explicit examples that echo secret values and pass API credentials directly on the command line (e.g., --secrets "API_KEY=my-api-key", echo -n "YOUR_API_KEY" | ...), which would encourage or require the agent to include secret values verbatim in generated commands — a high exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). This skill's workflow explicitly tells the user/agent to fetch external public docs and samples (e.g., "For ADK docs on Cloud Run deployment, fetch https://adk.dev/deploy/cloud-run/index.md" and references to the public GitHub sample https://github.com/google/adk-samples/...), so it directs consumption of open third‑party content that could influence deployment actions.