ralph-loop

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The skill instructs the agent to read and inject verbatim content from files and logs (e.g., evidenceLog entries, PROMPT.md, and test-runner outputs) into prompts and stdout, which would force the LLM to include whatever exact text is present — including any secrets that might appear — creating an exfiltration risk.