gtm-setup

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). This skill asks the agent to accept pasted credential JSON (and redirect URLs containing auth codes) and write them to files, which requires the LLM to receive secret values verbatim in its context (creating exfiltration risk).