verification

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The skill explicitly directs the agent to read environment files and "quote actual output" (e.g., .env.local, vercel env ls, runtime logs) and to verify that credentials are present, which encourages exposing secret values verbatim as evidence and creates an exfiltration risk.