git-review

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill runs git log/diff and instructs the agent to embed raw commit bodies, file diffs and extracted content into the HTML/PDF report (and to flag commits mentioning "token/secret"), so any secrets present in the repository would be output verbatim and thus exfiltrated.