nansen-smart-alerts

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The prompt accepts webhook URLs, webhook-secret, and notes an internal API key is required — creating or displaying alerts could require the agent to place those secret values verbatim into CLI commands or configs, which is an exfiltration risk.