canghe-infographic

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt mandates preserving all source data verbatim and writing user-provided content into generated files and prompts, so any secrets included in the source (API keys, tokens, passwords) would be emitted verbatim by the LLM, creating an exfiltration risk.