business-logic-extractor

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). This skill instructs the agent to read and embed real code/config snippets (including constants and config files) from the repository into its output without any redaction guidance, so any hard-coded API keys, tokens, or secrets present in those files would be copied verbatim and exfiltrated.