raccoon-audit

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt contains explicit example secrets (e.g., 'sk-live-abc123xyz789') and shows curl/CLI usage with Authorization headers and token placeholders while instructing the agent to test/rotate keys — all of which require embedding secret values verbatim in commands or outputs, creating exfiltration risk.