security-audit

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The skill inspects code for hard-coded keys and requires before/after code snippets and findings in the report but gives no instruction to redact secrets, so the LLM would likely reproduce secret values verbatim from analyzed files.