codebase-audit

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The skill asks the agent to locate hard-coded secrets and configuration files in a codebase (e.g., env, CI/CD), which can lead the model to read and potentially include secret values verbatim in its reported findings unless explicit redaction rules are enforced.