conducting-mobile-application-penetration-test

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt includes commands that embed secrets directly (e.g., curl -H "Authorization: <api_key>") and workflows that dump keychains/backups, which would require the agent to handle or insert secret values verbatim into outputs/commands.