secondme-openclaw-activity

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill instructs the agent to read the local credentials file for an accessToken/access_token and to include that token verbatim in an Authorization: Bearer request header, which requires the LLM to handle and output a secret value directly.