configure-discord

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill asks users to paste sensitive values (webhook URL, bot token) and explicitly echoes/inserts them verbatim into outputs/commands (e.g., printing WEBHOOK_URL, using curl with $WEBHOOK_URL, writing botToken into config), so the LLM would handle and emit secrets directly.