gget

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt includes examples and parameters that pass API keys, email/passwords, and other credentials directly as command-line arguments or function parameters (e.g., --api_key, --password, api_key="your_key_here"), which would require the LLM to include secret values verbatim in generated commands or code.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's documentation and workflows (SKILL.md and references/*.md) show numerous modules — e.g., gget.search, gget.info, gget.seq, gget.archs4, gget.cellxgene, gget.enrichr, gget.opentargets, gget.cbio, gget.cosmic, gget.pdb, etc. — that fetch and ingest data from public third‑party sources (Ensembl/FTP, UniProt, NCBI, ARCHS4, CELLxGENE, Enrichr, OpenTargets, cBioPortal, COSMIC, RCSB PDB) as part of the normal workflow and then use those results to drive downstream actions, so untrusted external content can materially influence tool behavior.