code-quality-audit

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly requires quoting exact line numbers and code snippets and to "report everything you observe," so if provided source files contain hardcoded API keys, tokens, or passwords the LLM would be instructed to reproduce them verbatim, creating an exfiltration risk.