molt-fetch

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The prompt includes example connection URIs and CLI usage that embed plaintext credentials (e.g., "postgresql://user:pass@...") and CLI flags that could require substituting real API keys or passwords verbatim into generated commands, creating an exfiltration risk (though it also mentions safer env/implicit-auth alternatives).