git

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly tells AI agents to retrieve and use GitHub authentication tokens (e.g., "Use gh auth token to retrieve the authentication token for API calls"), which encourages reading and embedding secret token values and therefore requires handling secrets verbatim.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs AI agents to use the GitHub CLI and API (e.g., "gh repo clone", "gh pr view", "gh api repos/:owner/:repo/pulls", and search commands) which causes the agent to fetch and read arbitrary public repositories, PRs, issues, and comments—untrusted, user-generated third‑party content—as part of its workflow.