gitload

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt instructs including tokens directly (e.g., --token ghp_xxxx and export GITHUB_TOKEN=ghp_xxxx) and therefore encourages placing secret values verbatim into commands/outputs, creating an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). This skill explicitly downloads arbitrary user-provided GitHub content (see SKILL.md examples and "gitload downloads content via GitHub's API" and the numerous GitHub URL examples), which exposes the agent to untrusted, user-generated web content that could contain instructions influencing subsequent actions.