gumlet-image-source

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt's examples show embedding credentials (access_key, secret, service_account_json) directly into the --config JSON passed on the command line, which requires the model to output secret values verbatim and thus poses an exfiltration risk.