code-search-assistant

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly instructs the agent to read repository files and output matching code snippets (including authentication/authorization and API call code), which can contain API keys, tokens, or passwords that would be reproduced verbatim — creating a high exfiltration risk.