setup-email-drafts

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly instructs the agent to read the .env file and extract API tokens (PSQUARED_CRM_TOKEN and EMAIL_DRAFT_ONLY_BEARER) for use in Authorization headers, which requires the LLM to ingest secrets and creates a high risk of them being exposed or echoed verbatim.