quality-gate

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly requires including the full git diff in task descriptions and SendMessage outputs (or otherwise embedding changed file contents), so any secrets present in the diff would be passed through and output verbatim, creating an exfiltration risk.