building-vulnerability-dashboard-with-defectdojo

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt includes examples that place API keys, tokens, and passwords directly into environment variables, curl headers, and scripts (e.g., Authorization: Token ${API_KEY}, DD_DATABASE_PASSWORD, jira_api_token), which encourages embedding real secret values verbatim in commands or code and thus risks exfiltration.