cook-hard

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly requires grepping and reading files and to "cite file:line evidence" and write analysis/workspace files (and bans mocks), which forces including verbatim file lines (potentially API keys, tokens, or passwords) in LLM outputs and storage.