tech-documentation

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The skill prompt includes multiple concrete examples that hard-code and inline secrets (e.g., --docker-password=password, -psecretpassword, helm --set auth.rootPassword=secretpassword, Authorization: Bearer {token}) and shows patterns of embedding credentials into commands, which encourages the LLM to reproduce or place secret values verbatim in outputs.