code-auditor

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The prompt requires the agent to include code snippets, identifiers, CLI commands and file/line references verbatim in reviews and gives no instructions to redact secrets, so any hardcoded API keys or passwords present in the reviewed files could be reproduced in the agent's output.