security-audit

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The skill explicitly highlights hardcoded secrets (showing literal API key/password examples) and instructs locating sensitive values in code without specifying redaction, so an agent following it could end up exposing secret values verbatim in its output.