protect-mcp-server-with-policies

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly requires a valid Bearer token (and shows calling createLogin with username/password) and directs the agent to collect policy configuration values from the user and embed them in API request bodies, which forces the LLM to handle and emit secret values verbatim.