pessimistic-code-review

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill instructs the agent to display file contents, diffs, and BEFORE/AFTER code patches and to record full test outputs, so any hardcoded credentials or secrets present in code or test output would be reproduced verbatim in the agent's responses, creating an exfiltration risk.