credentials

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The skill instructs the agent to read and extract real API secrets from a user-supplied file or manual input and to write/validate them (including example .env creation and parsing that holds full values), which requires the LLM to handle and potentially emit secret values verbatim — an exfiltration risk.

HIGH W008: Secret detected in skill content (API keys, tokens, passwords).

• Secret detected (high risk: 1.00). I scanned the entire skill prompt for literal, high-entropy credential values. Most occurrences are placeholders or intentionally masked (e.g., "sk-proj-xxxxx", "rnd_xxxxx", "sk-ant-xxx...", "OPENAI_API_KEY" names, truncated examples like "Y1FgKA..." or "-QLoYd..."), which I ignored per the rules.

However, the "Mixed/Informal" example contains two full, non-truncated, high-entropy strings that look like a Reddit client id/secret pair:

• client id: Y1FgKALKmb6f6UxFtyMXfA
• secret: -QLoYdxMqOJkYrgk5KeGPa6Ps6vIiQ

These are not labeled as placeholders, are high-entropy/random-looking, and match the kind of real credentials the detection rules are meant to catch. Therefore I treat them as real, hardcoded secrets present in the documentation.

All other potentially matching tokens in the prompt are either placeholders, masked/truncated, example labels, or low-entropy setup values and were ignored.