commitpush

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The prompt requires scanning diffs for inline secrets and "surfacing files and content" flagged as sensitive to the user, which likely entails exposing secret values or sensitive snippets verbatim in the agent's outputs unless explicit redaction is enforced, creating an exfiltration risk.