pr-reference

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The skill reads and embeds unified diffs and file contents into an XML output (including chunked diffs and file extracts), so any secrets present in the repository would be included verbatim in the generated output, creating an exfiltration risk.