bug-report

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly instructs the agent to read and embed full contents of local JSON and state files into the report ("full contents" in Raw Data) without redaction, which could contain API keys or secrets and therefore requires handling/outputting secret values verbatim.