intelligems-test-portfolio

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt instructs embedding a webhook URL as a command-line argument (python3 portfolio.py --slack "<webhook_url>") and asks to get an API key if missing, which encourages collecting and inserting secrets verbatim into commands or outputs, creating exfiltration risk.