code-hygiene

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly requires reading source files and embedding "original code snippet" verbatim in the findings report, which would expose any API keys, tokens, or passwords present in the reviewed code (even though some config file types are skipped), so it mandates handling/outputting secrets directly.