forge-security

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill's anti-hallucination rules require file:line and code excerpts for findings and its "Secrets Detection" explicitly searches for hardcoded keys (e.g., sk-...), which would force the agent to include secret values verbatim in reported excerpts if found.