aiconfig-targeting

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill instructs the agent to prompt for an API access token if detection fails and shows curl/Python examples embedding an Authorization header with the token placeholder, which implies the agent may collect and place secret values verbatim into commands/requests (exfiltration risk).