bknd-crud-delete
Fail
Audited by Snyk on Feb 16, 2026
Risk Level: HIGH
Full Analysis
HIGH W007: Insecure credential handling detected in skill instructions.
- Insecure credential handling detected (high risk: 1.00). The prompt includes examples that embed tokens and passwords directly in code and curl headers (e.g., api.updateToken("your-jwt-token"), -H "Authorization: Bearer YOUR_JWT_TOKEN", and an inline email/password). These examples instruct placing secrets verbatim in outputs and commands, which creates an exfiltration risk.