code-review

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The skill mandates including "Before" code snippets from the repository in the generated CODE_REVIEW.md (and flags "Hardcoded secrets"), but does not instruct redaction, so if source files contain secrets the LLM will likely reproduce them verbatim in its output.