red-team-reporting

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The template unconditionally embeds raw proof-of-concept, request/response, and reproduction command fields (e.g., {finding.poc}, {finding.request}, {finding.response}) into reports, which will output any secrets contained in those fields verbatim and thus can exfiltrate API keys or tokens.