jeecg-onlreport

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly instructs collecting the user's X-Access-Token and shows examples embedding that token and other credentials verbatim into code/CLI (e.g., init_api('<api_base>', ''), --token , and mysql -uroot -proot), which requires the LLM to output secrets directly.