deep-review

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill ingests full file contents and explicitly requires agents to include code snippets, file:line evidence, and preserved external-tool rationale in findings (with no redaction guidance), which forces verbatim reproduction of any secrets present in the code or tool output—creating an exfiltration risk.