file-upload

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The skill requires including "exact file location with code snippet" in findings, which can force the LLM to reproduce any secrets present in the codebase verbatim (exfiltration risk), even though it doesn't explicitly request user-provided credentials.