security-audit-owasp-top-10

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill directs the agent to collect matching lines and include code snippets/evidence from the codebase in the report, which can require outputting hardcoded secrets verbatim if present and it gives no instruction to redact or mask them.