judge-with-debate

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt requires judges to quote "exact text" and include specific evidence from the evaluated solution files (and requests a resolved CLAUDE_PLUGIN_ROOT), which forces the LLM to reproduce verbatim content from artifacts — potentially including API keys, tokens, or passwords embedded in those files or env vars — creating an exfiltration risk.