directus

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt includes concrete examples that embed secrets directly (docker -e SECRET/ADMIN_PASSWORD/DB_PASSWORD and curl Authorization: Bearer tokens), which instruct an agent to place secret values verbatim into commands and headers, creating exfiltration risk.