code-review

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The skill instructs agents to run git diffs and report security issues including "exposed secrets or credentials" without any guidance to redact or avoid echoing matching secret values, so an agent reviewing diffs may read and output secret strings verbatim.