mssql-tools

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill's examples and parameter list explicitly require supplying --password on the command line (shown as YOUR_PASSWORD) and thus encourage embedding plaintext database passwords in generated commands or scripts, which forces the LLM to handle secrets verbatim and creates an exfiltration risk.