effect-http-server

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt defines an endpoint that reads an "x-api-key" header and returns it verbatim in a response string (echoing header values), which instructs copying a secret value into output and thus creates an exfiltration risk.