gemini-cli-security

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The skill explicitly scans source for hardcoded secrets and presents code-line findings (examples show key-containing lines) but gives no instruction to redact/mask values, so the agent may output secret strings verbatim.