code-search

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The skill's core behavior is to run ripgrep and show matching file contents (including .env and patterns like "password|secret|key"), which would cause any secrets found to be output verbatim and thus risks exfiltration.