yy-refresh

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The skill directs the agent to read and output full/partial contents of changed files (including small files) and summarize them, which can cause it to include API keys, tokens, or plaintext passwords found in the repo verbatim in its output.