gc-review-iam

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly instructs the agent to read source/config files and produce findings that include "Code Found" snippets and file:line entries for hardcoded secrets, which would require including secret values verbatim in the report — a direct exfiltration risk.