merge-resolver

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt instructs the agent to capture and embed raw file diffs and file contents (via git diff/git show) verbatim into reports and outputs, which would cause any secrets present in repository files or configs to be included in the LLM's output and thus creates an exfiltration risk.