task-master-install

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). Includes example commands and --env strings that embed token values (e.g., DOCUMENT_TOKEN, RUNTIME_TOKEN) directly in CLI arguments, meaning the agent could be instructed to insert user secrets verbatim into generated commands/outputs.