ag2-hitl

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The prompt explicitly instructs the agent to solicit sensitive values (passwords, API keys) via context.input and to interpolate/display tool arguments (e.g., {tool_arguments}) in approval prompts, which can cause secrets entered by the user to be included verbatim in agent output.