pdf

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt includes examples that embed passwords and secret strings directly in commands and code (e.g., qpdf --password=..., writer.encrypt("userpassword", "ownerpassword")), which would lead an LLM to output secrets verbatim and thus creates an exfiltration risk.