refine-email-drafts

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly instructs the agent to read .env and extract the Notification Service Admin BEARER_TOKEN and then use it to call the admin API (read/update drafts), which requires the LLM to ingest and could require embedding that secret verbatim in requests/outputs, creating an exfiltration risk.