ssrf

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The skill requires including "exact file location with code snippet" in findings, which forces the agent to reproduce verbatim source content (and thus any embedded API keys/passwords or tokens) from analyzed files, creating an exfiltration risk.