mcp-manager

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly instructs building and executing CLI commands that embed environment variable values (e.g., --env "KEY=VALUE") and shows an example including a DATABASE_URL, which requires the LLM to include secret values verbatim in commands/outputs.