neon-js-react

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt includes examples that pass a database connection string (containing user:pass) directly on the command line (npx neon-js gen-types --db-url "postgresql://user:pass@host:5432/db"), which requires embedding secrets verbatim in generated commands and is therefore an exfiltration risk.