debug-council

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt requires forwarding the user's raw prompt verbatim to multiple solver agents and allows agents to read files and produce complete fixes/reports (including code changes and file contents), which can cause any secrets in the user prompt or repository (e.g., API keys, .env values) to be read and emitted verbatim.