jwt-decoder

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt's usage examples and commands explicitly pass secrets (e.g., --secret "your-secret") on the command line and instruct generating/verifying JWTs with a secret, which requires the agent to accept and potentially output secret values verbatim.