typescript-code-review

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The skill explicitly requires including "Current code" snippets in findings and directs the reviewer to flag hardcoded secrets, so if the submitted code contains API keys/tokens/passwords the LLM would likely need to reproduce those secret values verbatim in its output.