ai-sdk-ui

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt includes examples that embed Authorization headers directly (e.g., headers: { Authorization: 'Bearer token' }) and shows per-request header configuration, which encourages inserting secret API tokens verbatim into requests, creating exfiltration risk.