code-review

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt requires reading full file contents and quoting exact lines as evidence (for findings/evidence), so any secrets present in changed files would be included verbatim in the agent's output, creating an exfiltration risk.