agent-authentication

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill's examples and MCP calls include explicit password and token fields (e.g., password, reset_token, new_password) that the agent would need to insert verbatim into generated tool invocations/requests, creating an exfiltration risk.