review-doc

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). Because the skill requires quoting the sub-agent’s findings verbatim with no guidance to redact or avoid sensitive fields, any secrets present in user-provided documents would be reproduced in the agent’s output, creating an exfiltration risk.