repo

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The skill reads and embeds raw file contents (e.g., package.json, source files, head outputs, code samples) into AI prompts and output bundles, which could contain hardcoded API keys or secrets that the LLM may reproduce verbatim in generated code or documentation.