code-review

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly requires scanning for and reporting "Hardcoded secrets, tokens, passwords (even in comments)" and its finding format includes quoting file:line and code snippets, which encourages reproducing secret values verbatim in the report rather than redacting them.