baseline-security-audit

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly scans for hardcoded secrets and mandates creating Jira issues with finding descriptions (file + line and issue details) but gives no instruction to redact or avoid including secret values, so the LLM would likely output secrets verbatim in audit results or issue descriptions.