citation-management

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The skill includes examples and commands that pass an API key as a direct command-line argument (e.g., --api-key "$(grep ...)" ) and requires using an API key for harvesting/searching, which encourages embedding secret values into commands/outputs and thus risks verbatim secret exposure.