api-docs

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt embeds API keys and Bearer tokens directly in example curl commands and code (e.g., "Authorization: Bearer sk_live_xxx", apiKey: 'sk_live_xxx'), effectively instructing the agent to include secrets verbatim in generated commands/code and therefore creates an exfiltration risk.