dev-debug

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The skill forces subagents to inspect config files/logs and to emit "exact" regression test commands and file edits which the main chat will run, so it can require embedding secrets (API keys, tokens, or plain passwords) verbatim in outputs/commands unless the agent explicitly and consistently uses secure patterns—nothing in the prompt enforces that—creating a high exfiltration risk.