feature-flags

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt contains examples that embed credentials/tokens directly in code and configs (e.g., docker-compose POSTGRES_PASSWORD=password and Unleash Authorization: 'your-api-token'), which encourages producing or inserting secret values verbatim into generated files/commands and therefore poses a high exfiltration risk.