geo-content-optimizer

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt embeds a secret-looking installation token (skp-ub6wkythdmss5iu17z9nputa) in the example install command and shows usage that would reproduce an installation ID verbatim, so an agent would likely need to handle/output that secret string directly.

HIGH W008: Secret detected in skill content (API keys, tokens, passwords).

• Secret detected (high risk: 1.00). The command contains a literal, high-entropy token: "skp-ub6wkythdmss5iu17z9nputa". It follows an "sk*-..." API/key-like pattern, is not a placeholder (no YOUR_ or sk-xxxx), is not truncated or labeled as an example, and therefore appears to be a real/usable credential (installation/API key). No other high-entropy secrets are present.