consult-codex

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly requires including raw agent outputs, file:line citations, and code snippets from the repository (and to echo Codex CLI output), which would force the LLM to reproduce any secrets or API keys present in those files or outputs verbatim, creating an exfiltration risk.