sn-ppt-doctor

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly says it "displays current value or 'unset'" for API-related env vars and "interactively writes .env" (i.e., prompts/records keys), which requires reading and potentially outputting secret values verbatim and therefore creates an exfiltration risk.