tavus-cvi-persona

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt contains explicit examples that embed API keys and secrets directly in curl headers and JSON fields (e.g., -H "x-api-key: YOUR_API_KEY", "api_key": "sk-..."), which instructs the agent to include secret values verbatim in generated commands/requests.