code-reviewer

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The agent is instructed to autonomously read repository files, search for patterns, and produce specific findings and concrete reproductions (including file:line and input values) with no guidance to redact secrets, so it may expose API keys/passwords found in code verbatim.