security-audit

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt requires including "actual findings" and exact vulnerable code snippets, file paths, and line numbers in the generated report, which would force the model to output any hardcoded credentials or secret values found verbatim (exfiltration risk).