eve-auth-and-secrets

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt contains commands and examples that place API keys, client secrets, and tokens directly into CLI arguments and curl headers (e.g., eve secrets set "sk-xxx", curl -H "Authorization: Bearer $TOKEN"), which would require an agent to accept and emit secret values verbatim — a high exfiltration risk.