oop-polymorphism

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt embeds hard-coded sensitive values (credit card numbers, CVV, passwords, API keys, account/routing numbers) in example code, which would encourage an LLM to reproduce those secrets verbatim and is therefore insecure.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill includes an explicit payment-processing example: a PaymentMethod interface with a process(amount) method and concrete implementations named CreditCard, PayPal, and BankTransfer that accept real payment credentials and generate transaction IDs. It also provides a PaymentProcessor that calls processPayment to attempt and record transactions. This is specifically designed to perform financial transactions (send payments), not just generic code examples.