review-security

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The prompt instructs the agent to scan for and report hardcoded secrets using regexes and example matches but does not require redaction or prohibit including matched secret values verbatim in reports, so the LLM may need to output secrets as evidence.