security

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The workflow instructs the agent to scan code for hardcoded secrets and produce detailed reports with file:line and code snippets but does not mandate redaction, so the agent could output secret values verbatim (exfiltration risk).