frontend-code-review

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The skill requires extracting and outputting representative code snippets verbatim from frontend files (with no redaction rules), so if those files contain embedded API keys, tokens, or passwords the agent would include them in its output, enabling secret exfiltration.