valohai-project-run

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill prompt shows examples that pass tokens and secret values directly on the command line (e.g., "vh login --token YOUR_TOKEN" and "vh project env-var create MY_VAR=value"), which would require the model to include user-provided secrets verbatim in generated commands if supplied.