code-reviewer

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The reviewer explicitly includes and highlights hardcoded secret literals (e.g., 'sk_live_abc123xyz') and formats code snippets for reports, which requires the model to reproduce secret values verbatim when flagging them, creating an exfiltration risk.