sciomc

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly directs agents to extract and embed raw file contents and evidence blocks (code/text snippets with context and absolute file paths) into findings and reports, which would force the LLM to output any secrets present in those files verbatim.