push-notifications

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill asks the user to provide a Teams incoming webhook URL and instructs the agent to send a test via curl (embedding the webhook URL), which requires including the secret webhook value verbatim in generated requests/commands.