alloydb-postgres-access-management

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly accepts a plaintext "password" parameter and shows CLI usage where users replace placeholders with actual values (e.g., JSON on the command line), and it instructs the agent to ask for and supply that password for ALLOYDB_BUILT_IN users—forcing the LLM to handle and potentially output secret values verbatim.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The scripts invoke npx to fetch and run the remote npm package "@toolbox-sdk/server@1.1.0" at runtime (via npx ... "@toolbox-sdk/server@1.1.0" ...), which downloads and executes external code that the skill relies on to perform its functions—so it is a runtime-executed external dependency that can control behavior.