fix-issue

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt mandates providing verbatim file:line evidence for every claim and storing full analysis, which forces the model to quote code lines exactly — so if repository files contain hardcoded API keys, tokens, or passwords the LLM would be required to output them, creating an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow step "Fetch — Read GitHub issue details (title, description, reproduction steps)" in SKILL.md instructs the agent to ingest and act on user-generated GitHub issue content, which is an untrusted third-party source that can influence debugging and code-change decisions.