static-vulnerability-detector

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The skill runs hardcoded-credentials rules and requires emitting source→sink traces and code snippets as findings, which can cause the model to reproduce secret values found in source code verbatim (exfiltration risk).