audit-ml-pipeline

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly requires copying the literal Project init block (including any preceding skore.login(...) call) from experiments/.py into the generated audit file, which forces the LLM to reproduce any tokens/credentials present there verbatim and thus risks secret exfiltration.