spec

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill walks the repo and explicitly requires preserving "identifiers, paths, code verbatim" and enumerating configs/APIs, so if secrets are hard-coded or present in configs the LLM would be required to reproduce them verbatim in SPEC.md, causing exfiltration risk.