pasta-vulns

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The skill explicitly instructs checking for hardcoded credentials and producing findings with file/line/snippet details, which strongly implies the LLM will read and may output secret values verbatim (unless redaction is implemented), creating exfiltration risk.