hence-share

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly instructs passing an API key as a literal command-line argument (python scripts/auth.py ), which requires embedding secret values verbatim and is an exfiltration risk.