review-security

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly requires reading files and extracting exact code snippets (with file paths and line numbers) and classifies hardcoded secrets as critical, which forces the agent to handle and potentially output secret values verbatim if they appear in the codebase.