tuzi-infographic

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt mandates preserving all source data verbatim and embedding the saved/structured content into generated prompts and output files (including reading user/project files like EXTEND.md and pasted content), so any secrets present in the input would be reproduced verbatim in outputs, creating a high exfiltration risk.