injection

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill requires including "vulnerable code snippet" in each finding (and prints scanner outputs), which forces the model to output exact code from files — potentially exposing hard-coded API keys, tokens, cookies, or passwords verbatim.