security-audit

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The workflow instructs the agent to grep for secrets, read flagged files (20+ lines), and include "current vulnerable code" and fixes in the report with no redaction rules, which forces verbatim exposure of any hardcoded secrets it finds.