configuring-agent-brain

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt instructs an interactive wizard and config/ENV setups that explicitly show and may write API keys (e.g., api_key: "sk-proj-..." and export OPENAI_API_KEY="...") into config files or shell commands, which requires the agent to accept and potentially output secret values verbatim (exfiltration risk).