update-role

Fail

Audited by Snyk on Apr 1, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 0.90). The skill reads role files and must show unified diffs verbatim (including vars/defaults), so any secrets stored in those files would be exposed in the agent's output — the prompt's only mitigation is adding no_log to new tasks, not masking or avoiding existing secret values.

Audit Metadata

Risk Level: HIGH
Analyzed: Apr 1, 2026, 03:36 AM
Issues: 1