code-review-uncommitted

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The prompt requires reading uncommitted file contents and producing diffs/snippets in its report without any sanitization rules, so it can easily include embedded secrets (API keys, tokens, passwords) verbatim in output.