security-pattern-check

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The skill explicitly instructs the agent to include "vulnerable code" and "codeExample" snippets (and its examples show hardcoded API keys), so in practice the LLM will often echo secret values verbatim from analyzed code, creating an exfiltration risk.