gget

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt contains explicit examples and parameters that pass secrets verbatim (e.g., --api_key / api_key and COSMIC --password) as CLI arguments or function parameters, forcing the LLM to include user-provided credentials directly in generated commands/code.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). gget explicitly queries and ingests data from many public third‑party services (e.g., Ensembl/UniProt/NCBI via gget.search/gget.info/gget.seq, ARCHS4 via gget.archs4, CZ CELLxGENE via gget.cellxgene, cBioPortal via gget.cbio, COSMIC via gget.cosmic, Enrichr via gget.enrichr, and BLAST databases via gget.blast), so the agent directly reads untrusted/public web/forum/user-generated content as part of its workflows and could therefore be exposed to indirect prompt injection.