session-guidance

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill mandates parsing and echoing NDJSON constraint lines and building AUQ labels/descriptions directly from those fields (description/file/line), so if the scan data contains secret values (e.g., hardcoded keys) the LLM will be required to include them verbatim in its outputs, creating an exfiltration risk.