review-perf

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill requires extracting and outputting exact code snippets and file paths from the scanned codebase for evidence-based findings, which forces the LLM to reproduce any secrets present in those files verbatim and thus risks secret exfiltration.