bug-audit

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The skill instructs the agent to read all project files and produce exhaustive, file-specific findings (including checking for "hardcoded secrets"), which creates a strong chance the model will need to surface literal secret values from code unless redaction is explicitly required.