auth0-java-mvc-common

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly tells the agent to accept user-provided Auth0 credentials ("use them directly") and to ask the user to provide Domain, Client ID, and Client Secret, which encourages the LLM to handle and potentially embed secret values verbatim in generated outputs (even though other parts recommend env vars), creating an exfiltration risk.