ask

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). Because the prompt mandates backing every claim with file:line evidence and searching/quoting the codebase without any redaction rules, the agent may be forced to read and reproduce file contents (which can include API keys, tokens, or passwords) verbatim, creating a high exfiltration risk.