api-tools

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt includes many examples that embed credentials directly in commands and requests (e.g., curl -H "Authorization: Bearer TOKEN", curl -u username:password, http ... password=secret, newman --env-var "token=xxx"), which encourages or requires placing real secret values verbatim into generated commands or code.