survey-patterns

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The prompt requires searching the codebase and returning the subagent's report verbatim, which could include any secrets found in files and thus enables exfiltration even though it doesn't explicitly ask for credentials.