code-refactor

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The skill requires outputting refactored source code while "preserving functionality," so if the original code contains hard-coded API keys, tokens, or passwords the agent would likely need to reproduce those secret values verbatim in its output, creating an exfiltration risk.