clerk

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt explicitly declares "Input: Clerk Publishable Key, Secret Key…" and gives no guidance to keep them in environment variables or avoid embedding, so an agent following it may be instructed to accept and include secrets verbatim in generated code/config, creating a high exfiltration risk.