readme

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). This skill instructs the agent to explore the repo and produce copy-pasteable commands and environment variable values (including checking config/master.key and setting SECRET_KEY_BASE/RAILS_MASTER_KEY), meaning it may need to read and embed secret values verbatim into the generated README if those secrets exist or are supplied — creating an exfiltration risk.