intelligems-profit-impact

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly instructs the agent to ask the user for secrets (an API key and webhook URL) and then embed them verbatim in shell commands/CLI arguments or an .env file (e.g., echo "INTELLIGEMS_API_KEY=<user's key>" and passing "<webhook_url>" to --slack), which requires the LLM to handle and output secret values directly.