gget

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt contains explicit examples and parameters that pass secrets verbatim (e.g., --api_key / api_key and COSMIC --password) as CLI arguments or function parameters, forcing the LLM to include user-provided credentials directly in generated commands/code.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The gget skill programmatically queries and ingests data from many open public third‑party databases (e.g., Ensembl/UniProt/NCBI, ARCHS4, Enrichr, cBioPortal, COSMIC, cellxgene, OpenTargets) as part of its workflows, so it clearly consumes external untrusted/public content that the agent reads and interprets at runtime.