redmine-search

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt directs the agent to read the API token from the environment and insert it directly into request URLs/headers (e.g., ?key=$REDMINE_API_TOKEN or X-Redmine-API-Key), which requires embedding the secret verbatim in generated requests.