gemini

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly instructs using a command-line flag --cfg apikey=<key>, which encourages embedding raw API keys into generated commands/outputs and therefore requires the LLM to handle secret values verbatim.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). SKILL.md explicitly documents a "Google Search Integration" (example: x gemini gg "...") and mentions piping outputs from external tools like x wkp (Wikipedia), which means the agent fetches and ingests untrusted public web/user-generated content into its runtime workflow and can act on that content.