readme-generate

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The skill explicitly extracts and inserts "real code" and example configuration from project files into the README (including .env/DB/API_KEY lines) without any redaction or secret-handling rules, so if secrets are present in the repository the LLM could be forced to output them verbatim.