correlating-security-events-in-qradar

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt includes curl examples that embed an API token in an HTTP header (e.g., -H "SEC: YOUR_API_TOKEN"), an insecure pattern that encourages inserting real API keys verbatim into generated commands/outputs and thus risks secret exfiltration.