connector

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The skill asks users to input API tokens and directs the agent to store them in MCP/global config files (and perform file/tool operations that include those token values), so the LLM must handle and include secret values verbatim in actions even if the chat output is masked, creating an exfiltration risk.