esphome-devices

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt includes a secrets.yaml with plaintext sensitive values and instructs generating full ESPHome configs (which may require embedding those secrets verbatim), so the LLM could be asked to output secret values directly, creating an exfiltration risk.