qr-code

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly instructs embedding sensitive values (e.g., WiFi SSIDs and passwords) directly into command-line arguments and examples (e.g., --wifi "SSID:password:WPA"), which requires the LLM to handle and output secret values verbatim and thus poses an exfiltration risk.