opencode-controller

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill instructs the agent to copy and provide login links verbatim (and to relay links from Opencode to the user), which may contain tokens or secret parameters and therefore forces the LLM to output secrets verbatim.