gpc-purchase-orders

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill's examples and usage require passing a PURCHASE_TOKEN via a --token command-line flag (i.e., embedding a secret value verbatim in commands), which forces the LLM to handle and potentially output sensitive credentials directly, creating an exfiltration risk.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly designed for billing and post-purchase operations and includes commands that execute financial actions: e.g., "gpc orders refund --order-id ... --confirm" and "gpc external-transactions create --file tx.json" / "ext-tx refund --name ... --confirm". These are specific APIs for creating external transactions and issuing refunds (i.e., moving money), not generic tooling. Therefore it grants direct financial execution capability.