second-opinion

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill requires the agent/subagent to reproduce the user's "proposed fix — verbatim" and include surrounding code/context, which forces the model to read and potentially output any secrets embedded in that input, creating an exfiltration risk.