pr

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The skill asks the agent to "review the full conversation" and automatically write conversation context into the PR description, which could cause the LLM to copy any API keys/secrets present in the chat verbatim into PR text (exfiltration risk), even though it doesn't explicitly ask for secrets otherwise.