bx-pdf

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill prompt includes literal plaintext passwords (e.g., openpassword="openme", ownerpassword="adminonly") and demonstrates embedding them directly into generated code, which requires the LLM to output secret values verbatim and therefore poses an exfiltration risk.