gemini-review

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly reads the git diff into a variable and injects it verbatim into the Gemini prompt, so any secrets present in code or config diffs would be sent to the LLM (and could be echoed), creating an exfiltration risk.