asc-app-shots

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt shows and documents passing a Gemini API key directly on the CLI (e.g., asc app-shots config --gemini-api-key AIzaSy...) and describes storing/using the key in config/flags, which would require the LLM to embed secret values verbatim in commands or output, an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly fetches App Store metadata via the asc CLI (see SKILL.md Step 3 and references/commands.md: asc app-info-localizations / version-localizations), uses developer-provided name/subtitle/description fields (third-party content) to build the ScreenPlan imagePrompt (references/plan-schema.md) which is sent to Gemini — so untrusted third-party text can be injected into prompts that materially affect generation.