tigris-buckets

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt includes examples that pass API keys, secret keys, tokens, and passwords directly on the command line (e.g., --access-key AKIA..., --secret-key wJal..., --token secret123, --password secret), which encourages embedding secret values verbatim in commands and output — an insecure pattern that can lead to exfiltration.