rule-auditor

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill instructs the agent to read source and memory files and include specific code lines and issues in reports (and to write those findings to memory files), which means any secrets present in those files would be copied verbatim into the agent's output and stored—creating a direct secret-exfiltration risk.