ffuf-web-fuzzing

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly instructs the agent to ask for and accept raw HTTP requests or individual credentials (Bearer tokens, session cookies, API keys) and to substitute those real values into request templates or req.txt files, which requires the LLM to output secrets verbatim.