scanning-for-secrets

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly instructs generating reports that list any found keys, passwords, and their file locations (e.g., “listing any found keys”), which implies including secret values verbatim in output and therefore poses a direct exfiltration risk.