security-audit

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The skill explicitly searches for hardcoded secrets and instructs the agent to read and produce verbose file/code excerpts and proof-of-concept snippets (without requiring redaction), so an agent following it will likely include secret literals verbatim in reports, creating exfiltration risk.