stackone-connectors

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly shows a curl example that embeds an API key in an Authorization header and instructs constructing RPC calls (e.g., "Show how to construct the RPC call"), which requires inserting secret API keys/account IDs verbatim into generated commands—an explicit secret-exfiltration pattern.