baoyu-post-to-wechat

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill instructs the agent to prompt for AppID/AppSecret and write them into .env (and references embedding access tokens in API requests), which requires the LLM to receive and output secret values verbatim.