gogcli

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly instructs the agent to read the OAuth Client ID and Client Secret from the GCP console and create a credentials JSON (i.e., copy secrets into output/files), which requires the LLM to capture and emit secret values verbatim.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs Claude to browse the Google Cloud Console (https://console.cloud.google.com/) via Playwright and to use the gog CLI to read Gmail, Drive, Chat, and other user data (user-generated/untrusted third-party content) as part of its workflow, which the agent will interpret and which can materially influence subsequent actions.