yy-frontend-vue2-review

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill instructs the agent to include verbatim code snippets and file-level findings in its audit reports (including "涉及代码" code blocks) and to detect "敏感信息泄露", which means it will read and may output hard-coded secrets from project files—creating an exfiltration risk.