front-review

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The skill requires emitting verbatim "relevant snippet" code from the target file and reads other repo files, so if those files contain hardcoded API keys/passwords or secrets the LLM would be required to output them without any masking or safe-handling instructions.