docs-skill-review

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The skill tells the agent to extract and reproduce "command examples" and "configuration snippets" from SKILL.md and references (and to include API claim inventory), but gives no instruction to redact secrets, so if those files contain API keys/tokens/passwords the LLM would likely output them verbatim.