agent-evaluation

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The rubric repeatedly requires "direct quote" or file:line evidence for every dimension and mandates quoting specific text from evaluated outputs, which would force the agent to reproduce verbatim file contents (including any API keys/secrets) if those appear in the evidence, creating a high exfiltration risk.