google-slides

Fail

Audited by Snyk on Mar 11, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). The prompt requires users to place OAuth client_id/client_secret into a config file and shows CLI usage (e.g., --client-secret SECRET) that would cause the agent to include secret values verbatim in commands or generated files, creating an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill's runtime commands (presentations read / presentations get in SKILL.md and references/command-reference.md) explicitly fetch and extract text from Google Slides presentations and the images create command accepts arbitrary public image URLs, meaning the agent ingests untrusted, user-generated third-party content (from Google Slides and arbitrary web URLs) as part of its workflow.

Issues (2)

  • W007 (HIGH): Insecure credential handling detected in skill instructions.
  • W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level: HIGH
Analyzed: Mar 11, 2026, 06:14 PM
Issues: 2