lightweight-design-analysis

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill mandates showing actual code snippets and file:line references for every finding, so if the submitted code contains API keys, tokens, or passwords the LLM would be required to reproduce them verbatim, creating an exfiltration risk.