resend-email

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt includes literal API-key-like strings and explicit examples that place keys directly into commands and headers (e.g., SMTP_PASS, curl -H "Authorization: Bearer ..."), meaning an agent following it could be required to output secrets verbatim, posing an exfiltration risk.