ai-code-reviewer

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The skill instructs secret scanning and includes code snippets in findings but does not require redaction or prohibit embedding detected secret values verbatim, so the LLM may output sensitive credentials (even if scanning runs locally), creating a high exfiltration risk.