image-gen

CRITICAL E004: Prompt injection detected in skill instructions.

• Potential prompt injection detected (high risk: 1.00). The prompt includes instructions to source GEMINI_API_KEY from a specific user's secrets file (~/Library/.../Geoffrey/secrets/.env) and a blanket "DO NOT use the Read tool" directive—explicit, out-of-scope directions to access/handle private credentials and to suppress analysis that do not align with the stated image-generation purpose, so this is a prompt injection.