Email Send-as-Rep

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly instructs constructing API calls with Authorization headers containing the rep's OAuth token (and mentions refresh_tokens), which requires inserting secret tokens verbatim into requests/output and therefore exposes secrets to the agent/LLM.