code-review

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The reviewer is given full PR diffs and explicitly asked to identify "Hardcoded secrets or credentials" with line-level feedback but is not instructed to redact them, so it may need to reproduce secret values verbatim in its output.