fe-code-review

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill reads project files and emits before/after code snippets and security findings (including checks for exposed API keys) without any instruction to redact, so any secrets present in the files would be reproduced verbatim in its output.