find-todos

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The skill explicitly outputs full comments and surrounding code and caches todo entries, so any secrets present in those files would be included verbatim in outputs and stored—creating an exfiltration risk.