qa-team

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly instructs collecting and embedding full diffs and file contents into agent prompts and the final QA report (QAREPORT.md), which forces the LLM to read and potentially reproduce any secrets present in those diffs verbatim, creating an exfiltration risk.