secrets-management

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The prompt includes examples that embed secrets verbatim into commands and CI outputs (e.g., vault kv put password=secret, aws --secret-string "super-secret-password", echo DB_PASSWORD=$SECRET), which would encourage or require the agent to handle and potentially output secret values directly.