makefile-assistant

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill automatically captures and writes executed Bash commands into Makefile targets (and may display them to the user), which means any commands containing API keys, tokens, passwords, or other secrets would be recorded and reproduced verbatim, enabling secret exfiltration.