image-files

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). This prompt instructs the agent to echo an environment variable and to insert the raw API key into an Authorization header (and report a generated test key), which requires handling and outputting secret values verbatim — a direct exfiltration risk.