refactoring-coach

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The skill instructs the agent to quote specific code snippets from the user's component (the "smell" step), which would require reproducing any hard-coded secrets or credentials present in that code verbatim and thus risks secret exfiltration; it gives no guidance to redact or avoid printing secrets.