b2c-config

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly instructs revealing unmasked secrets (b2c setup inspect --unmask), shows passing passwords as command-line arguments (--password secret), and demonstrates inserting raw tokens into curl, which all require the LLM to handle or output secrets verbatim.