audit-lsp

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The audit instructions explicitly examine and report LSP "server command and arguments" and aggregate findings into markdown/JSON logs without any redaction rules, so if those configs contain API keys/tokens the agent would read and likely emit them verbatim.