runbook-generator

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly asks the agent to "Extract connection strings" and generate copy‑paste commands (including examples like curl with Authorization and psql using $PROD_DB_URL) which encourages pulling real credentials/URLs from the repo and embedding them verbatim in generated runbooks, creating an exfiltration risk.