credo-custom-checks

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). This Credo check captures hardcoded secret values and places the full value in the issue's trigger (and part of it in the message), which causes secrets to be emitted verbatim in tool output — an explicit exfiltration risk.