1password-items

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt shows and instructs constructing CLI commands that include secret values verbatim (e.g., "Client Secret[concealed]=secret-value-here", "API Key[concealed]=sk-xxxxxxxxxxxx"), which would require an LLM to output actual secret strings directly.