owasp-check

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill's scan scripts explicitly print grep match lines and append them to the generated report (e.g., echo "$matches" | head -3 and piping check outputs into the report), which will output hardcoded secret values verbatim and thus requires the LLM to handle secrets directly.