supply-chain-analytics

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt includes hard-coded connection strings and an Authorization header with a literal token (e.g., 'postgresql://user:pass@host:5432/...' and 'Bearer token'), which encourages embedding secrets verbatim in generated code or configs and thus creates exfiltration risk.