lisa-review-project

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill reads project and Lisa template files and emits diffs and file contents in its report/outputs (with no redaction or secret-handling instructions), so any embedded API keys, tokens, or passwords in those files would be included verbatim.