privacy-parser-pii-extraction

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly extracts and returns PII spans (including label "secret") and shows examples that print/export span.text (e.g., tokens like ghp_abc123XYZ or passwords), which requires the agent to include secret values verbatim in its output.