copy-qa-review

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The skill asks the model to read uploaded brand docs and the copy and explicitly to "quote the actual words or phrases that concern you," so any secrets present in those inputs (API keys, tokens, passwords, cookies) would be reproduced verbatim in the LLM output, creating an exfiltration risk.