gemini

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The skill instructs assembling and sending full diffs and contextual change data (DIFF, CONTEXT) into the Gemini prompt, so any API keys, tokens, or passwords present in those files will be passed verbatim to the model and may be echoed in the review, creating an exfiltration risk.