prophet-adversarial-auditor

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly instructs extracting the Prophet JWT and passing it as PROPHET_SESSION_TOKEN (and shows examples exporting SEREN_API_KEY / PROPHET_SESSION_TOKEN), which requires the agent to handle and potentially emit secret values verbatim (high exfiltration risk).