langfuse

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The prompt's code examples explicitly show embedding public_key and secret_key strings (e.g., secret_key="sk-...") in client initialization, which encourages hardcoding or echoing API secrets and risks the LLM including secret values verbatim in generated code or instructions.