dash

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt includes hard-coded plaintext credentials and a secret_key in example code (e.g., VALID_USERNAME_PASSWORD_PAIRS with "admin":"admin123" and app.server.secret_key = "your-secret-key-here"), which requires the model to emit secret values verbatim in generated code/examples and encourages insecure embedding of secrets.