report

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The prompt requires including "Evidence" and raw tool outputs from the session, which may contain API keys, tokens, or passwords and therefore could force the model to reproduce secret values verbatim, creating an exfiltration risk.