orchata-cli

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt includes explicit examples that embed API keys verbatim (e.g., --api-key oai_custom_key, config.json apiKey fields, and export ORCHATA_API_KEY with token placeholders), which encourages inserting secret values directly into commands/configs and thus requires the LLM to handle/output secrets verbatim.