gget-genomic-databases

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt includes a code example that passes credentials directly (email="user@example.com", password="xxx") as function arguments, which requires embedding secret values verbatim in output and poses a high exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md and referenced files explicitly show gget querying many public third‑party APIs (e.g., Ensembl, NCBI/BLAST, Enrichr, ARCHS4, OpenTargets, cBioPortal, COSMIC — see "Core API", "Complete Database Directory", and workflows) and using those returned results to drive downstream analyses and tool calls, which exposes the agent to untrusted public web content that can influence next actions.