wiki-policy-check

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly requires reading repository markdown and including exact verbatim excerpts ("pull the actual quote") in the report, so if secrets (API keys, tokens, passwords) appear in those files the LLM would output them, enabling exfiltration.