upload-post

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). Yes — the prompt explicitly asks the agent to collect the user's API Key and provides examples that embed the key as a command-line argument (--api-key "YOUR_API_KEY"), which requires the LLM to handle and output secret values verbatim.