council

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The prompt requires the agent to include full file/code contexts verbatim (wrapped in <file_content> and sent to external consultants and the scorer), which would expose any secrets present in those files to external models despite an optional secret-scan gate, so it can cause secret exfiltration.