meeting-prep

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt instructs reading secret tokens/credentials from files and injecting them directly into curl commands and POST bodies (e.g., Authorization: Bearer $TOKEN, client_secret=$CLIENT_SECRET), which requires the agent to include secret values verbatim in generated requests/commands.