analyze-codebase

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The workflow explicitly instructs agents to inspect environment/config files, external integrations, and produce/save full analysis reports without any redaction rules, so secrets found in the codebase (e.g., .env, config files, API keys) could be read and output verbatim.