code-review

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The skill instructs the agent to read repository files, run a secrets-detection security scan, and include concrete code snippets/fixes with file paths and line numbers — but gives no instruction to redact or avoid printing sensitive values, so the agent could easily output secrets verbatim (high exfiltration risk).