security-audit

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly requires finding and reporting hardcoded credentials and to include file/line evidence and exploit scenarios without instructing redaction, which means the LLM would likely read and could output secret values verbatim (exfiltration risk).