api-designer

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The prompt embeds literal-looking secret examples (e.g., "Authorization: Bearer eyJhbGciOiJIUzI1NiIs..." and "X-API-Key: sk_live_abc123...") and documents auth headers, which can lead the LLM to include secret-like values verbatim in generated requests or examples.