review-local-changes

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly instructs agents to run git diffs and include code-level evidence and suggested fixes (file:line and code snippets) with no redaction rules, so any secrets present in the diffs would be included verbatim in the generated report.