frontend-security

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly instructs searching for hardcoded secrets (including .env) and calls for reporting "code snippet" findings without any redaction guidance, which would require the model to emit secret values verbatim.