android-playstore-setup

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The prompt explicitly instructs copying plaintext secrets (service account JSON, base64 keystore, store/passwords) into GitHub Secrets and references KEYSTORE_INFO.txt contents, which encourages moving and embedding secret values and could lead an agent to read or output them verbatim.