codebase-teach

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). Because the skill instructs the agent to read project source/config files and extract "integration points" and other signals into generated docs without any mention of redacting or avoiding literal secret strings, it could ingest and then output hard-coded API keys, tokens, or passwords verbatim.