superset

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt includes plaintext credentials and tokens (e.g., admin/admin password, SECRET_KEY, DATABASE_URL with password, "Authorization: Bearer $TOKEN" and examples with 'your-access-token') embedded directly in commands and code, which requires the agent to output or reproduce secret values verbatim.