scientific-schematics

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly shows and advices passing API keys directly in commands and code (e.g., --api-key "sk-or-v1-..." and api_key="your_openrouter_key"), which instructs embedding secrets verbatim and is a high exfiltration risk.