prompt-engineer

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The skill explicitly requires the agent to "always display the complete prompt text" and include full example inputs/outputs verbatim, which would force the model to echo any API keys, tokens, or passwords present in prompts or examples and thus creates an exfiltration risk.