codex-architect

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt mandates reading and reporting on repository files (e.g., "cat | head -150" and "First describe which files you researched") without any instructions to avoid or redact secrets, so the model may extract and output API keys/passwords verbatim.