lore

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The skill explicitly documents using an API key via a CLI flag (lore auth login --key <api-key>), which is an insecure pattern because it encourages embedding secret values into commands (even though the prompt shows placeholders and doesn't include actual keys), so the LLM could be asked to insert or echo secrets verbatim.