code-simplifier

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The skill mandates providing file:line proof, writing reports, and excerpting/quoting code from project files as evidence, which can force the agent to reproduce any secrets embedded in those files verbatim (exfiltration risk), even though it doesn't explicitly request API keys.