j-cli

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt instructs the agent to ask the user for missing Jupyter credentials (e.g., JCLI_JUPYTER_SERVER_TOKEN) and then embed them verbatim in shell commands/exports or per-command flags, which requires the LLM to handle and output secret values directly.