drugbank-search

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly tells the agent to ask the user for their Valyu API key and then run a command that embeds that key as a command-line argument (scripts/search setup ), which requires the LLM to handle and output the secret verbatim, creating an exfiltration risk.