gemini-cli-runtime

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The skill forwards the user's raw task text verbatim into a single shell command (node ... task ""), so if that text contains API keys, tokens, or passwords they will be embedded and output verbatim—creating an exfiltration risk.