csharp-code-review

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill instructs the agent to read project source files and include "현재: {문제 코드}" and concrete code examples in its report without any masking rules, so any hard‑coded API keys/passwords found in the reviewed code would be reproduced verbatim in the output (exfiltration risk).