update-component-reference

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). This skill instructs the agent to read and embed raw file/config contents (e.g., hooks.json, .mcp.json, and raw-loader imports) verbatim into documentation, which could expose any API keys or secrets contained in those files.