wave-plan-pipeline

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The pipeline explicitly instructs agents to read repository files and report "findings" and append discoveries (discoveries.ndjson / CSV fields / prev_context), which would require emitting any secret values found in those files verbatim — creating an exfiltration risk.