openclaw-config-helper

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly instructs hardcoding real API keys in configs and uses raw JSON in gateway action commands (e.g., config.patch/config.apply), which would require the LLM to include secret values verbatim in its output.