giggle-product-poster

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). Although the API key is handled via an environment variable (secure), the skill explicitly instructs the agent to output long signed CloudFront URLs verbatim (including embedded signing tokens), which forces the LLM to handle and emit secret-like values directly, creating an exfiltration risk.