keycloak

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The prompt contains curl examples that embed credentials (a hardcoded "password=admin" and uses placeholders like Authorization: Bearer $TOKEN and client_secret=$CLIENT_SECRET/$ACCESS_TOKEN) which could require the agent to supply or echo secret values verbatim when generating commands, creating an exfiltration risk.