gzh-ai-feed

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The prompt requires users to provide an API key and explicitly shows insecure usage patterns (e.g., passing --api-key ak_你的密钥 on the command line and echoing a JSON with the key), which would cause an agent to include secret values verbatim in generated commands or snippets — creating an exfiltration risk.