audit-public-rules

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill reads repository files into memory and produces diagnostics and before/after diffs that include exact file lines (with no redaction rule), so if secrets or API keys appear in those files the agent would be required to output them verbatim.