go-backend-reviewer

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt explicitly requires scanning for hard-coded API keys/passwords and may include code examples and file:line findings without instructing redaction, so the LLM could be expected to reproduce secret literals verbatim in its output.