webapp-testing

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt shows plaintext credentials embedded in commands (e.g., agent-browser fill @e2 "password123") and suggests saving auth state, which requires outputting or handling secret values verbatim, creating exfiltration risk.