cook-auto

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt mandates showing grep/file:line evidence and writing analysis files (citing file contents) for every claim, which forces the LLM to reproduce repository file lines verbatim and could exfiltrate any embedded API keys, tokens, or passwords found there.