qcsd-cicd-swarm

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly instructs agents to ingest and "PASTE THE COMPLETE" pipeline artifacts and configuration diffs (including environment variables, secrets-detection outputs, and old/new env values) and to embed full agent outputs into reports, which means any secret values present in those artifacts would be read and likely reproduced verbatim in generated outputs, creating an exfiltration risk.