secrets-management

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The skill explicitly includes an "Export Secrets to .env" flow that writes secret values into plaintext .env files and even suggests passing secrets as command-line arguments, which requires embedding secret values verbatim in outputs/commands and therefore poses an exfiltration risk.