deep-read

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). This skill mandates reading files in full and producing line-cited reports of code/configuration, so if secrets (hard-coded API keys, tokens, or passwords) exist in the repository the agent would be required to reproduce them verbatim in its output, creating an exfiltration risk.