opencontext

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The skill shows and encourages placing an API key directly into a CLI command (oc config set EMBEDDING_API_KEY "<<your_key>>"), which invites substituting the real secret into generated commands and thus would require the LLM to handle/output the secret verbatim if followed—creating an exfiltration risk.