revx-account

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The prompt instructs the agent to perform auth fixes itself but explicitly allows escalating to the user for "pasting the API key" (and similar secret-only steps), which means the agent may request, receive, and must place raw API keys/passphrases into configs or commands—creating a high exfiltration risk.