workflow-interactive-dev

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The dispatch implementation explicitly parses user-submitted text and returns it verbatim in node outputs and toolResponses, meaning any API keys or passwords supplied by a user would be echoed through the agent and could be exfiltrated.