flipswitch-setup

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill fetches an SDK API key via the MCP tool, passes that key into get_sdk_setup_snippet, and then writes/displays the returned initialization code—forcing the agent to handle and output the API key verbatim in generated files/commands.