teamwork

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The skill explicitly instructs interactive collection of "API key (or environment variable name)" and to persist provider configs (an api_key field) into .trae/config/providers.json, which can require the LLM/agent to record or emit raw secret values verbatim (high exfiltration risk).