login-flows

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt includes hardcoded credentials (e.g., 'testuser'/'testpass') and examples that save auth state verbatim, which encourages the LLM to output secret values directly even though it also mentions env vars elsewhere.