embedded-dev-antigravity

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly instructs the agent to ask the user for Wi‑Fi SSID and password and then embed the password verbatim into commands (e.g., nmcli ... password ) that the agent will generate/execute via fastmcp, creating direct secret exposure and exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). SKILL.md Step 3 explicitly requires performing web_search against public sites (e.g., docs.espressif.com, docs.zephyrproject.org, site:github.com) and mandates using those search results in technical answers and to generate commands/calls (see Steps 5 and 7), so the agent will read and act on untrusted third-party content that could influence tool use.