base

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly instructs the agent to ask for, read and parse a user's centralized access file and "create project .env with found keys" and validate them, which requires the LLM to handle and potentially emit secret values verbatim (high exfiltration risk).