kibana-streams

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The skill's examples and instructions show embedding an API key directly in curl Authorization headers (Authorization: ApiKey ) and do not require or recommend using environment variables or CLI-managed auth, which encourages the LLM to insert secret values verbatim into generated commands—an exfiltration risk.