honest-code-review

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt requires the model to quote exact offending code snippets, file paths and line numbers when reviewing code, which would force the model to reproduce any hardcoded API keys, tokens, or passwords present in user-submitted code and thus creates an exfiltration risk.