worldlabs

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt asks the user to paste their API key into the conversation and includes examples that embed the key directly in CLI commands (WORLDLABS_API_KEY= ...), which requires the agent to handle or could cause it to output secret values verbatim.