code-review

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill instructs the agent to scan and report on source files (including hard-coded passwords/API keys) and to produce file/line-level issue reports which may include verbatim code snippets or secret values, and it does not require redaction—creating a high exfiltration risk.