gget

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt includes explicit examples and parameter fields that instruct embedding secrets verbatim (e.g., --password, --api_key, api_key="your_key_here") in CLI commands and function calls, which forces the LLM to handle/output secret values directly.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). gget routinely fetches and ingests data from public third‑party APIs and sites (e.g., Ensembl/Ensembl FTP & REST, NCBI/BLAST nt/nr, ARCHS4, CZ CELLxGENE census, Enrichr, cBioPortal, OpenTargets, RCSB PDB, COSMIC) and is expected to read/interpret those external responses as part of its workflows, so it clearly consumes untrusted public content that could carry indirect prompt-injection payloads.