frame-tv

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly supports and documents passing an API key via a CLI flag and shows an example embedding the key in a command (uv run ... --api-key "your-key-here"), which instructs the agent to accept and output secret values verbatim, creating an exfiltration risk.