code-review

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). It mandates quoting exact lines from changed files as evidence in findings, which will force the model to reproduce any embedded API keys, tokens, or passwords verbatim in its output, creating an exfiltration risk.