soft-copyright-application

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The skill explicitly instructs the agent to produce verbatim source code files (full code or front/back 1500 lines) from the project without any general secret-redaction rules, so any hardcoded API keys/passwords in the code would be output directly, creating an exfiltration risk.