ask-gemini

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly directs inserting the user's ARGUMENTS verbatim into CLI commands and storing the "final prompt sent to Gemini CLI" and raw output in an artifact, which will force the model to include any secrets/API keys present in the user's input or Gemini's output verbatim (high exfiltration risk).