security-scan

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly requires locating "API keys, tokens, passwords in source" and providing evidence (specific code patterns/file:line and code examples), which would force the model to reproduce secret literals verbatim in its output.