intelligems-segment-spotlight

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill asks the agent to prompt the user for their API key (and to save it) and shows passing a Slack webhook URL as a quoted CLI argument, which requires embedding secret values verbatim in commands or outputs, creating an exfiltration risk.