linkedin-post-creator

HIGH W008: Secret detected in skill content (API keys, tokens, passwords).

• Secret detected (high risk: 1.00). The code block contains the literal token "skp-plq5metfrxn9091ng1kr13di" passed to refly skill install. This value is high-entropy and resembles an API/installation key (not a simple placeholder like "YOUR_API_KEY" or a clearly marked example). The documentation does note that an installation ID is returned by refly skill install, but the presence of a concrete-looking token in the docs means it could be an exposed credential. It is not covered by the "ignore" rules (not a simple setup password, not a placeholder, not truncated/redacted), so it should be treated as a potential real secret.