audit

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The audit skill requires reading every line of code, tracing data flows to external API calls, and producing detailed findings and examples in the report without any instruction to redact secrets, which could force the LLM to include API keys/passwords/cookies verbatim if they appear in the codebase.