skill-tester

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly ingests raw script content and API-call logs into its analysis agents and requires agents to output complete JSON blocks (potentially including those raw snippets) without mandating redaction, so secret values present in scripts or logs could be echoed verbatim.