feishu-perm

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill requires including literal "token" values (e.g., "ABC123", "doxcnXXX") inside generated JSON tool calls, which forces the LLM to emit sensitive resource tokens/credentials verbatim and therefore risks secret exfiltration.