query-api

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly requires calling POST /v1/sql/query "with Bearer auth" using project API keys, which forces embedding raw tokens into requests/headers and can cause the LLM to output secret values verbatim.