doc-claim-validator

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly extracts and reports the "literal text of the claim" (including config/env entries) and merges those into AI-assisted reports, so any secrets present in docs (API keys, tokens, passwords) would be captured and emitted verbatim.