dead-code-scanner

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly requires reading files and including code snippets and literal declarations (e.g., private lets) in the generated report, which can force the LLM to output secret values verbatim if they exist in the codebase, creating an exfiltration risk.