git-pr-reviewer

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The prompt instructs the agent to run/git-diff and to detect and report hardcoded credentials or API keys but gives no guidance to avoid reproducing sensitive values, so the agent may needlessly read and output secret strings verbatim.