open-source-prep

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill instructs the agent to list discovered real secrets and explicitly display truncated secret snippets (e.g., first/last characters) alongside file/line info, which requires the LLM to emit parts of secret values verbatim and thus poses exfiltration risk.