krea-api

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly shows and encourages embedding API keys/secrets directly in command-line invocations and in generated code (e.g., thinkfleetbot config set ... YOUR_SECRET and key_id/secret in the Python snippet), which requires the LLM or agent to handle and potentially output secret values verbatim — a high exfiltration risk.