route-tester

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The skill includes hardcoded credentials and example secret values (e.g., testuser/testpassword, jwt secret, mysql root password) and instructs copying tokens into curl commands, which would require an agent to output secret/token values verbatim—posing high exfiltration risk.