competition-jwt-claim-confusion

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). This skill explicitly requires recording and reproducing raw JWTs, headers/claims, JWKS or embedded key material and a "replayable token-to-acceptance sequence", which would force the LLM to output bearer tokens or key material verbatim, creating an exfiltration risk.