posthog

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The prompt includes examples that embed API keys directly in CLI commands (e.g., printf 'phc_xxx' | vercel env add and npx convex env set ... "phc_xxx"), and it instructs fixing env vars via such commands, which would require the agent to handle or emit secret values verbatim.