document-service

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill mandates quoting exact file contents and line-cited findings (including config/.env files and "secrets refs") and producing actionable commands, which would force the model to reproduce any embedded API keys/passwords or tokens verbatim if present in the codebase — enabling secret exfiltration.