git-worktree

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The skill explicitly instructs copying a .env (and a database file) between worktrees — a copy/paste of files that commonly contain API keys and secrets — so the agent is being asked to handle sensitive values (even if not printed), which is an insecure pattern.