reactlynx-best-practices

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The skill accepts user-provided sourceCode and is instructed to produce verbatim scan reports and "fixed code" outputs, so if the input code contains API keys or passwords the LLM would read and reproduce those secret values in its output.