aigw-orchestrator

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The orchestrator requires creating Secrets and BackendSecurityPolicies for API keys and implicitly will need the actual key values to populate those Secrets or API auth fields (even if it warns not to hardcode them), so the agent would likely collect and output verbatim secret values—creating an exfiltration risk.