ssrf

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The skill requires including "exact file location with code snippet" in findings, which can force the LLM to reproduce any API keys, tokens, or passwords present in source files verbatim, creating an exfiltration risk.