gpt-image-1-5

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The skill explicitly supports and documents passing an API key via a --api-key argument and even says to "use if user provided key in chat", which can require the LLM to insert the secret verbatim into generated commands or examples, creating an exfiltration risk.